• shrugal@lemmy.world · ↑75 ↓2 · 1 year ago

    A domain takedown was never able to shut a server down, not even with centralized servers. Most big services are accessible via multiple domains of different countries, and this would just disable one of them. But for the Fediverse that means that they also “disabled” an entire instance with all its users.

    This actually shows us that relying on domains can be a problem for the Fediverse! Imo we need to upgrade the federation protocol to be able to handle these things, like propagating a domain change or migrating accounts to other instances.

    • WhoRoger@lemmy.world · ↑10 · 1 year ago

      I’ve been wondering why everyone has a domain on their instance, even if it’s a single-user personal thingy.

      • Perhyte@lemmy.world · ↑33 · 1 year ago

        Because you need a way to be reachable over HTTPS for other instances to be able to securely send you updates (new posts/comments/votes etc.), so you need a trusted certificate. While HTTPS does not strictly require a domain name [1], it vastly simplifies the process.

        [1]: It’s possible to get a trusted certificate for an IP address, but not nearly as easy as getting one for a domain. And it’s probably also more expensive than just getting a domain and using Let’s Encrypt to get a certificate.

        • nintendiator@feddit.cl · ↑2 · 1 year ago

          > Because you need a way to be reachable over HTTPS

          Feels like this is the core key to be changed. Something like Debian’s packaging system for example, which doesn’t even need the Debian domain to be HTTPS.

          • Max-P@lemmy.max-p.me · ↑4 · 1 year ago

            Debian packages are signed individually, and usually people also don’t see downloading Debian packages as potentially privacy-sensitive, so plain download is acceptable.

            For lemmy where user accounts are involved, and in general as a new protocol designed in the age of HTTPS, it makes sense to require HTTPS.

            • nintendiator@feddit.cl · ↑2 ↓1 · 1 year ago

              Dunno the exacts, but why not the good ol’ GPG? You only need to be able to exchange keys out-of-band once, and it saves you from lots of other issues. Trust between Alice and Brian is a between-them thing, and should not depend on a third party like Caroline arbitrarily deciding to change Brian’s legal name to Brandon.