summaryrefslogtreecommitdiff
path: root/content/entry/icannot-be-trusted.md
blob: 676822eb077835145b0ea3e957a89af2e2cbc61c5a6ef07dceffd6c9e111973f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
---
title: "ICANNot Be Trusted"
date: 2022-09-07T00:00:01
tags: ['computing']
draft: false
---
## ICANN
The Internet Corporation for Assigned Names and Numbers, also known as [ICANN](https://en.wikipedia.org/wiki/ICANN), is a U.S. nonprofit which manages the [DNS](https://en.wikipedia.org/wiki/Domain_Name_System) root servers. When you type "nicholasjohnson.ch" into your search bar and hit enter, ICANN is ultimately in control over what happens next, not me.

ICANN's contracts with domain registries are immune from being challenged and registries can set arbitrary restrictions on content hosted on their domains. [ICANN has an effective monopoly on almost all domain names and punishes people for past sharing.](https://x.com/brokep/status/1364950213790740481) For more on that, see the article "[Ending the War on Sharing](https://stallman.org/articles/end-war-on-sharing.html)".

Another problem I have with ICANN is one can't legally own a domain name without forking over personal information to the domain name registrar. Most registrars offer to hide that information from public view, but they still have to hand it over under certain circumstances and there's always the possibility that it gets stolen.

To get around that, nicholasjohnson.ch is currently registered through [Njalla](https://njal.la/). Njalla legally owns nicholasjohnson.ch and all its subdomains and in return, I don't have to fork over any personal information. They've been operating for years, but could still run away with my domain name and I'd have no recourse since they legally own it.

## Tor and I2P
Ideally, you're accessing this journal [over](gemini://nick6gsepvtmkcpibpid6dqtqroxt62u6ab4ep65vxrenffruumj6jad.onion) [Tor](http://nick6gsepvtmkcpibpid6dqtqroxt62u6ab4ep65vxrenffruumj6jad.onion) [or](gemini://nick6w7lwwzwli57czw5glh3sm2qhnyzbhtq3nohbcnc7j3wqmqq.b32.i2p) [I2P](http://nickg4tsj3wy3i23faxp5momjcnlwrvwl5ek5l7lkm5vrbblvgbq.b32.i2p). Those networks will continue working even if my domain gets hijacked. It's unlikely that something happens to my domain, but it's not impossible.

My Tor onion and I2P addresses aren't foolproof. They're hosted on a VPS, meaning my VPS provider could hijack them. Using nicholasjohnson.ch to access my journal, you have to trust both ICANN and my VPS though. So you're better off using Tor or I2P so you only need to trust one third party, not two.

Brief digression: To avoid trusting any third party, you can always [verify my journal's Git repository](https://archive.softwareheritage.org/swh:1:rev:0990ac4365ea2e436a9d28aeefdd16ec65c27afa;visit=swh:1:snp:d25282c0c441839d1ca147a90699bd2c7d986a21) with [my public Signify key](/static/signify.pub) and a small utility called [git-signify](https://git.nicholasjohnson.ch/git-signify/). If there's any doubt the key is mine, I gave a [Libreplanet talk](https://media.libreplanet.org/u/libreplanet/m/taking-back-the-web-with-haketilo/) with my public key in the slides five months ago and I have an unbroken history of public keys going back to December of 2020 starting with my original [GPG key](/2021/12/30/statement-of-gpg-key-transition/) which I transitioned away from.

If you yourself are an online service provider, please follow my example and offer a Tor onion and/or I2P address to help resist ICANN's power.