[HN Gopher] Government URLs that don't end in .gov
___________________________________________________________________
Government URLs that don't end in .gov
Author : notmysql_
Score : 119 points
Date : 2023-07-23 16:08 UTC (6 hours ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| dudeinjapan wrote:
| So every time the FBI/CIA sets up a domain for a sting operation
| it has to be listed here? Seems like an Achilles' heel, no?
| pc86 wrote:
| What says it _has_ to be listed here?
| dudeinjapan wrote:
| https://search.gov/about/policy/govt-urls.html
|
| "Federal executive branch agencies must ensure their non-.gov
| or .mil domains are on the list."
|
| Also on this page, there is an "out of scope" list which only
| includes 4 things: SaaS, cloud resources, SNS sites, and code
| repos. I take the govt at its word--it has never lied before
| --so naturally covert ops must be "in-scope".
| pakyr wrote:
| > This repo contains USA.gov's list of _public government
| domains and URLs_ that don 't end in .gov or .mil.
|
| Definitely not.
| captn3m0 wrote:
| Interesting related thing from India: the official TLDs as per
| the guidelines are .gov.in and .nic.in, and both are registered
| as a public suffix (legacy, from when the list was created).
|
| However the government created a separate Section 8 company
| called Digital India corporation that runs a separate group of
| websites for Citizen Outreach called MyGov, which runs a separate
| subdomain for these: mygov.in. Unfortunately, they haven't gotten
| around to registering it as a public suffix, so there are
| concerns around security (cookies are shared between completely
| separate sites). The public suffix list doesn't accept
| contributions without authorisation anymore, so it's unlikely to
| be fixed.
|
| There's also the interesting case of some government sites
| preferring .org.in to showcase independence from government
| interference- RBI, for eg (the central bank) runs at rbi.org.in.
|
| I wrote a few more findings when I created a list back in 2020:
| https://twitter.com/captn3m0/status/1301613472615030784
| ulrischa wrote:
| Gov is a horrible because it is exclusively for US. It would be
| better if all governmental intitutions in the world could have a
| gov domain. Much better trust and verification
| debugnik wrote:
| The word for government in most languages doesn't start with
| gov-, so no thanks.
|
| I'd personally suggest the opposite, the US switching to
| .gov.us and .edu.us, but consensus in this thread seems to be
| that "everyone" already knows those are US-only anyway, where
| "everyone" of course means Americans; even "too late to change"
| is a better argument than that, IMO.
| nodesocket wrote:
| tva.com. That's gotta be worth some money now.
| xn--cr8h wrote:
| Sort of funny that the README never mentions _which_ government
| they 're talking about. Classic USA trying to make sure everyone
| knows they're the most important country in the history of planet
| Earth
| caseyohara wrote:
| It's implied which government they are talking about because 1)
| .gov is only used by the US; and 2) The GitHub account is GSA -
| U.S. General Services Administration.
| bbno4 wrote:
| It's only implied if you're from America and know that GSA
| (which does not contain US in the acronym) is US.
| [deleted]
| tamimio wrote:
| Same here, it took me few seconds to realize it was a US only.
| Usually this is the mindset of "Murricans", on the internet or
| otherwise, where sometimes you ask someone "where are you
| from?" And they proceed to mention the state or worse, the
| state nickname/short name as if you are living in US, it's
| hilarious when they are meeting with people who aren't in the
| Americas continent at all :)
| rootusrootus wrote:
| I've met a fair number of people internationally and I could
| probably count on one hand how many of them didn't know that
| Oregon was a US state.
|
| It could just be that I'm meeting with more educated folks,
| granted.
| tamimio wrote:
| You might argue that, but the point isn't about the
| receiver/listener side, but rather the speaker, obviously
| knowing where X will be about that person knowledge in
| geography, but for the speaker to assume that everyone you
| are talking to as if they are living in the same country as
| him/her, imagine you are talking to someone from .. say
| Thailand, and instead of mentioning the country, they say
| they from Phayao -a province name, of course, if you happen
| to be knowledgeable in that region geography or visited
| before you might know, but it's still a communication
| hurdle to assume everyone will.
| nobody9999 wrote:
| >you ask someone "where are you from?"
|
| Generally, I'll answer with "The place so nice, they named it
| twice."[0]
|
| [0] I wasn't sure if I wanted to include an actual reference
| to define that, but here you go[1].
|
| [1] https://www.barrypopik.com/index.php/new_york_city/entry/
| new...
|
| Edit: Fixed typo.
| topkai22 wrote:
| Briefly scrolling through the the list for really weird ones and
| " war-on-pineapple.com" jumped out at me.
|
| Turns out it's not a USDA campaign, but is associated with a CISA
| campaign to explain foreign influence operations focused on
| divisiveness.
|
| CISA produced a quite good one pager:
| https://www.cisa.gov/sites/default/files/publications/19_100...
|
| Sadly the domain is inactive, but they helpfully included an
| archive.org to show some of the additional content (how the CISA
| director executed a pineapple op on Twitter):
| https://web.archive.org/web/20190726194709/https:/twitter.co...
|
| And for the record- pepperoni pineapple jalapeno pizza is
| delicious.
| user__name wrote:
| Here are all domains, extracted: 94 army as biz cc cfm ch cn co
| com com de Domain name edu gov gu helenapj htm info int io me mn
| mobi mp ms net nl online org org pr sc tips travel tv tw us vg vi
| wiki ws xyz
| gr33nq wrote:
| I went through the process of registering a .gov domain recently
| and it definitely takes a couple of months. It requires a letter
| of intent, wet signatures from elected official(s) on official
| letterhead, a phone call to a publicly listed number of an
| elected official, 2FA enrollment for the management of DNS/WHOIS,
| and a period of time in between some of these steps for some
| behind-the-scenes verification to take place. Despite the many
| steps, I did find it relatively straightforward and appropriate
| given the exclusivity of the TLD. In fact, the most difficult
| part (that I'm still working through) is convincing management
| that we should make the full migration to the .gov now that we
| have it registered...
| xmprt wrote:
| What type of organization are you operating where you'd need a
| .gov? Is this a government organization (like a local
| government or city hall)? Or is it possible for even random
| non-government related non-profits to have legitimate uses for
| .govs?
|
| Edit: I was mostly commenting on this.
|
| > In fact, the most difficult part is convincing management
| that we should make the full migration to the .gov
|
| It sounds like the most difficult part of getting a .gov is
| having a legitimate government entity and having a purpose that
| needs one.
| lolinder wrote:
| Eligibility requirements are here [0]. You have to be
| connected to a government entity, no private nonprofits are
| eligible.
|
| [0] https://get.gov/registration/requirements/#eligibility
| gr33nq wrote:
| You must be an official government entity at a local, state,
| or federal level. This can include cities, counties, special
| districts, joint power authorities, state offices, etc.
| smeyer wrote:
| I would hope that random "non-government related non-profits"
| aren't using .gov domains. Isn't the whole point of the
| domain that it's just for government entities?
| bombcar wrote:
| even usps.gov just redirects to usps.com which I feel is a
| bit of a loss.
|
| Lots of small towns have dot coms when they could have dot
| gov.
| asperous wrote:
| USPS I think from a branding perspectives wants to be
| compared to retail shipping and not come across and some
| stuffy/slow bureaucratic agency, even though they totally
| are.
| CSMastermind wrote:
| It does feel like the redirect should go the other way
| around.
| SeanLuke wrote:
| My favorite is definitely Smithsonian. They're very, very proud
| that they are _si.edu_.
| brown wrote:
| My favorite URL oddity has to be "id.me" for U.S. Citizen
| identity services.
|
| Seems a bit odd to use a Montenegro domain, doesn't it?
| ehPReth wrote:
| It seems to be run by a third-party company that the government
| latched on to for some reason:
| https://en.wikipedia.org/wiki/ID.me
| abeyer wrote:
| There was another one (census, maybe? can't recall which agency
| it was) using a .gd for a while, too... don't see it on the
| list anymore. Not sure who signed off on putting government
| services behind the "control" of a country we've invaded
| before.
| sebmellen wrote:
| http://war-on-pineapple.com is purportedly owned by the
| Department of Homeland Security. It's a dead link, unfortunately.
| What a curious domain!
|
| [0]: https://github.com/GSA/govt-
| urls/blob/main/2_govt_urls_feder...
| seeknotfind wrote:
| We need a government root CA more than a government TLD. Domain
| names aren't even the only thing we should attest.
| zirgs wrote:
| It's unlikely for a scammer to get a gov domain.
| rileymat2 wrote:
| Define unlikely? https://www.pcmag.com/news/its-now-a-bit-
| harder-to-register-...
|
| Because it was possible, maybe better now!
| Caligatio wrote:
| This sounds like a decent idea until you realize that means one
| of two options:
|
| - A US Government controlled CA root preinstalled on computers.
| Privacy advocates would be in arms. - Constant untrusted CA
| warnings when trying to access any government site.
| Abekkus wrote:
| Does our CA/browser infrastructure prevent the government
| from registering a trusted .gov CA instead of a trusted root
| CA?
| ComputerGuru wrote:
| It currently does, unless they get a cert cross-signed from
| a CA that's in the root CA list.
|
| Which is a problem with the root cA design.
| toast0 wrote:
| NameConstraints seem to be well supported now, although the
| farther away from browsers you go, the harder it is to know
| for sure. That said, I'm not aware of any active use. Some
| root programs constrain some of the roots within, but
| afaik, not by having an x.509 cert with name constraints.
| [deleted]
| nickname-derail wrote:
| Root CAs can be configured to only attest certain TLDs (in
| this case .gov) via X509v3 Name Constraint.
|
| This is how dn42 does it:
| https://dn42.dev/services/Certificate-Authority.md
| dweekly wrote:
| What about a "root" CA only capable of signing .gov
| certificates?
| jowea wrote:
| Brazil had trouble somewhat like that.
| https://bugzilla.mozilla.org/show_bug.cgi?id=438825
| xg15 wrote:
| What exactly are you (or they) afraid of? NSA/FBI/CIA/DHS/etc
| impersonating other sites using the government CA?
|
| Before Certificate Transparency, I'm pretty sure they already
| could do that relatively easily by forcing a private CA to
| make them a cert. (National Security Letters and all that
| fun)
|
| Even now, with CT, I think they'd be more inclined to use a
| private or at least an "unofficial" CA, instead of basically
| leaving "your's truly, The Government" in the CT log. If you
| already know you'll leave a trace, why would you want to make
| that trace extra obvious?
| somat wrote:
| Have you seen the state of the root ca bundle? As far as I
| can tell it has every national CA except the US.
|
| Do you really trust the turkish government with the ability
| to sign for any domain.
|
| Some days I consider tearing out the whole thing and
| rebuilding with the 3 CA's I actually care about. but then I
| usually give up as too much hassle.
| cesarb wrote:
| > As far as I can tell it has every national CA except the
| US.
|
| Annoyingly, it doesn't have my country's national CA
| hierarchy
| (https://bugzilla.mozilla.org/show_bug.cgi?id=438825).
|
| Why is it annoying? Because it means you have to add it
| manually, and manually added root certificates have _more_
| power than the root certificates that come with the
| browser! In particular, they can bypass HPKP
| (security.cert_pinning.enforcement_level defaults to 1).
| jabroni_salad wrote:
| The pentagon takes approach 2. Most people never need to
| access a .mil anyways, but if you need to work with their
| office (I had a dealership leasing cars to them needing to
| use a web portal) then you have to install their cert bundle.
| Caligatio wrote:
| I am unfortunately aware. To make matters worse, the
| preferred install mechanism is a .exe that adds all of the
| opaquely named DOD CAs to your machine.
|
| Regardless, this puts you back at a US Government
| controlled CA being on your machine.
| smitty1110 wrote:
| You might not be up to date, you are now able to run the
| executable without admin privileges to do a local user
| only installation.
| Abekkus wrote:
| GSA had that chance when they wrote the _rules_ for all
| government services to use https. They didn't even offer
| letsencrypt, much less build their own CA. The corporate CAs
| wanted their cut of more tax money.
| nickname-derail wrote:
| I was pretty sure there is already one for the US Gov but
| according to [1] only the Gov of HK, Spain, Netherlands and
| Turkey [2] have one.
|
| [1] https://ccadb.my.salesforce-
| sites.com/mozilla/IncludedCACert... [2] There seems to be a
| Mozilla applied constraint for .tr only
| KolmogorovComp wrote:
| Title should state "US Government..."
| bombcar wrote:
| United States Government, a wholly owned subsidiary of
| Halliburton(tm), brought to you by Walmart(r) in partnership
| with McDonalds(tm) and Coca-Cola(r), if you want to be
| pedantic.
| Miner49er wrote:
| It's kind of implied, right? Since .gov is only for the US.
| Zetice wrote:
| I'm surprised how many people here aren't aware of this.
| kevin_thibedeau wrote:
| At this point most internet users are digital natives who
| don't know how things worked before eternal September.
| rootusrootus wrote:
| This is becoming quite clear, and it's fascinating. I'm
| an old timer and assumed that people mostly had an idea
| how the Internet worked, especially on HN. Apparently
| not. The history is getting forgotten.
| lol768 wrote:
| > It's kind of implied, right?
|
| No. https://gov.uk is a "government URL" and it's one that
| doesn't end in ".gov".
|
| The title should be "US government URLs that don't end in
| .gov"
| syncsynchalt wrote:
| The most egregious of these to me is moneyfactory.com (the Bureau
| of Engraving & Printing).
|
| It reads as very low-rent considering it's the printing press of
| the US Dollar. If they reached out to me I'd think it was a weak
| scam.
| CameronNemo wrote:
| Apparently they also have moneyfactory.gov
| cobalt wrote:
| It might be parked to prevent scams
| rootusrootus wrote:
| The Bureau of Engraving and Printing just produces paper.
| Pretty paper that looks a lot like US dollars, but isn't in
| fact US dollars until the Federal Reserve Bank takes possession
| and issues it.
|
| In any case, moneyfactory.com is just a redirect to bep.gov, so
| I'm not sure what the big deal is. The average person's
| interaction with the BEP, aside from handling paper money, is
| probably at their gift shop. Having a cutesy name probably made
| sense at some level.
| tamimio wrote:
| [flagged]
| [deleted]
| rig666 wrote:
| A few years ago I was hired on at my local sheriff's department
| and I was so disappointed that we did not have a dot gov domain.
| ComputerGuru wrote:
| You could have gotten (them) one - it's actually not an onerous
| process!
| graypegg wrote:
| I've always thought it was weird that the Canadian federal
| government uses canada.ca almost exclusively. You see a lot of
| https://service-service.canada.ca/sign-up-sinscrire.aspx
|
| .ca is open for registration by anyone, and people are used to
| seeing that TLD. Combine that with the bilingual super long
| domain names and every once in a while you'll see a phishing scam
| like: https://service-service-canada.ca/sign-
| up-sinscrire.aspx
|
| CIRA could set up a .gov.ca second level or something if they
| really wanted to keep the .ca, but I don't think that will happen
| at this point.
|
| It's at least consistant in looking like a phishing scam!
| lolinder wrote:
| > CIRA could set up a .gov.ca second level or something if they
| really wanted to keep the .ca
|
| As has been noted elsewhere in the thread, Canada wouldn't be
| eligible to use bare .gov if they wanted to, because it's only
| for US government entities.
| [deleted]
| TheGeminon wrote:
| We do have gc.ca, but I think it's maybe legacy?
| https://www.servicecanada.gc.ca/tbsc-fsco/sc-hme.jsp?lang=en...
| works but servicecanada.gc.ca redirects to canada.ca
| Sanzig wrote:
| .gc.ca exists for that exact purpose. It has the advantage of
| being bilingual ("GC" expands to both "Government of Canada"
| and "Gouvernement du Canada", .gov.ca omits the "u" in the
| French word _gouvernement_ ).
|
| I believe the canada.ca thing relates to the centralization of
| federal government IT under Shared Services Canada (SSC) in
| 2011. SSC is an attempt to make a "one stop shop" for
| government IT services, and Canada.ca is an extension of that
| philosophy to web presence.
|
| As an aside, SSC is very controversial in the Canadian federal
| government. They have a reputation for glacially slow delivery
| of services and inflexibility in IT policies. The head of
| StatCan actually resigned in 2016 in protest as a result of
| problems with SSC [1]. They have gotten better since then but
| it's still rocky.
|
| [1] https://www.cbc.ca/news/politics/statistics-canada-
| interview...
| graypegg wrote:
| I completely forgot about gc.ca. I'm surprised they haven't
| kept with it! Didn't know about SCC, resigning over that is a
| pretty strong indicator of how the internals of the federal
| government's IT decision makers work haha.
| samwillis wrote:
| I think it's particularly interesting that the US use .gov and
| not .gov.us (as a Brit). I'm sure there are oversights on who can
| acquire an inherently international .gov domain, but for example
| here in the UK .gov.uk domains have a strict application process
| [0] managed by central government.
|
| It just seems to me that it would be more secure, and more
| reassuring to citizens and visitors that they are on the correct
| site it's under a cctld that's clearly affiliated to and managed
| by that government.
|
| 0: https://www.gov.uk/apply-for-and-manage-a-gov-uk-domain-name
|
| --
|
| Edit: turns out .gov is exclusively for the US, not sure I feel
| good about that, particularly as _.com and .net are very much not
| just for the US_.
|
| The possibility of the US government creating a .gov specifically
| to confuse uses in a foreign country isn't ideal.
|
| I get it, you invented the internet, but the special status you
| have over it is a little frustrating.
|
| https://www.whitehouse.gov/wp-content/uploads/2023/02/M-23-1...
| OJFord wrote:
| Isn't it just that .gov _is_ the US one? Like .com vs. .co.uk
| (though since it 's not actually important that's blurred) or
| .org vs. .org.uk.
|
| Or .edu vs. .ac.uk; .mil vs. .mod.uk.
|
| They got there first and just spread over TLDs before
| consigning other nations to fit under one I suppose.
| newshackr wrote:
| I was under the impression that the US government controls /
| owns .gov
| umanwizard wrote:
| Yes, exactly. .gov is US-specific and controlled by the US
| government.
| OJFord wrote:
| Yes exactly. So there's no need to use gov.us, but there
| isn't a 'ukgov' TLD, so gov.uk makes sense.
| sigmoid10 wrote:
| .com, .org and nearly all original TLDs are used
| internationally, though there are also local derivatives like
| co.uk. Even .edu used to be available internationally. I
| suppose most people have realized by now that .gov is
| strictly US, but it's not like that was obvious from the
| naming scheme alone.
| pc86 wrote:
| > it's under a cctld that clearly affiliated to and managed by
| that government.
|
| Maybe this is my latent American nationalism showing, but isn't
| .gov "clearly affiliated to and managed by" the US government?
|
| I think this bit was added as an edit or maybe I just missed
| it:
|
| > _an inherently international .gov domain_
|
| .gov is not inherently international for all the reasons in
| this subthread (and probably others as well)
| pests wrote:
| I don't think thats clear at all. We have three people in
| this thread already confused on the issue.
|
| I think the poster wasn't talking of the US government but of
| knowing which government a domain is related to by just
| looking at it. ".gov" is not clear while ".gov.uk" is clear
| due to the ccTLD.
|
| > but isn't .gov "clearly affiliated to and managed by" the
| US government
|
| I would say no. What makes it clear to you?
| topkai22 wrote:
| All the documentation is very clear and the behavior is
| consistent. It's sub optimal for countries utilizing a
| .gov.{country code} scheme, but it would be extremely
| expensive to change. Many non English speaking countries
| use a different abbreviation for their word for government,
| so it's hard to argue that the status quo has to change to
| benefit "everyone."
|
| The us also has .mil locked up for mostly purposes.
| umanwizard wrote:
| > What makes it clear to you?
|
| Not the OP, but also American. For me it's clear because
| I've never seen a US government site on a non-.gov domain
| (though apparently some obscure ones exist as this
| submission points out), nor have I ever seen a non-US-
| government site on .gov.
| pests wrote:
| > some obscure ones exist
|
| The submission includes over 400 domains for the federal
| only list. That is more than "some obscure ones"
|
| > nor have I ever seen a non-US-government site on .gov
|
| How often are you going to non-US-government government
| sites? Being an American I could imagine you hardly if
| ever interact with any other government sites so maybe
| that could be attributed to selection bias.
| kortilla wrote:
| I go to foreign gov sites just as frequently as US ones
| because I travel internationally.
| umanwizard wrote:
| > The submission includes over 400 domains for the
| federal only list. That is more than "some obscure ones"
|
| The number has nothing to do with how obscure they are.
|
| > Being an American I could imagine you hardly if ever
| interact with any other government sites
|
| I have interacted with them many times. (1) to fill out
| various Covid-related entry forms when those were widely
| required, (2) to apply for visas, (3) purely out of
| curiosity (e.g. I'm sometimes curious what travel
| warnings/advisories other countries' foreign ministries
| put out and how they compare with our own).
| pc86 wrote:
| Honestly, I don't believe that anyone is truly "confused"
| about the source of a .gov website, especially folks who
| are reading HN on a weekend. They might view it as
| arbitrary (it's not, really) but it's certainly not a "oh
| man I just don't understand how this could be the case"
| level of confusion.
|
| I won't go so far as to say that the internet is an
| American invention but it was certainly primarily American
| in origin. .gov has been managed by the US government since
| the beginning.
| retrac wrote:
| I suspect it depends on whether you know your early
| Internet history. The Internet was a US research and
| military project at first. It was US-centric for a long
| time. The original top level domains are all US-centric.
| Walmart.ca is Walmart Canada. Walmart.com is Walmart
| America. Similarly, .mil, .edu are for the US military and
| American universities. .gov fits into that scheme and if
| you know the rest it would follow that it's for the US gov.
| paxys wrote:
| .gov is managed by the US government in the exact way you
| describe. There is nothing "inherently international" about it.
| It isn't meant for anyone outside of US government agencies.
| NoZebra120vClip wrote:
| Let's be specific though: .gov is available for any
| government within these United States, whether it be federal,
| state, local municipality, territorial, or tribal government.
| In fact, all major cities I just spot-checked have .gov
| domains. I wonder how many are clinging to <city>.<state>.us?
| At least as a CNAME? ...none of those which I just spot-
| checked.
|
| Plenty of exceptions abound, though:
| https://en.wikipedia.org/wiki/.gov#Use
| [deleted]
| dec0dedab0de wrote:
| This got me thinking about cookie scope, and I have a feeling
| that domaina.tld. and domainb.tld. is always safer than
| domaina.gov.tl. and domainb.gov.tld.
|
| I might be way off here, but I think that means either domain
| could set a gov.tld cookie which is sent to all domains, and if
| one of them is reading cookies without checking scope it could
| be a way to send whatever to another server. Or even worse, if
| one of the sites is using gov.uk cookies for something
| sensitive, then any of the others could read it.
|
| Does anyone know if browsers have special cookie scope
| considerations for things like .gov.uk and .co.uk?
| CodesInChaos wrote:
| Browsers use the public suffix list to determine cookie
| scope. So .co.uk domains are just as isolated from each other
| as .com domains.
|
| You can even get your own domains added to it, typically
| because you allow users to host their own content on a
| subdomain (like github.io for github pages).
|
| https://publicsuffix.org/
| [deleted]
| easton wrote:
| My guess is that it's because the US built the thing, they
| decided .gov was to be for US Government sites. Then when other
| countries joined they got their own TLDs, which they added a
| .gov.<tld> to for their own purposes.
|
| https://en.m.wikipedia.org/wiki/.gov (Which seems to make my
| guess right, .gov is operated by the US Government)
| jomar wrote:
| That was introduced in 1985, almost 40 years ago.
|
| For how many decades is this going to be a reasonable
| argument?
|
| In 100 years, will it still be reasonable for the USA to say
| "we built the thing, so it is appropriate for us to continue
| to be the default country in domain names. The rest of you
| must use your ccTLDs, but we remain special."
|
| In 200 years?
|
| The only non-pathetic option is for the United States to
| transition to using its .us ccTLD for governmental and
| military domains in particular, with .edu and probably some
| others not far behind. The only question is how gradual the
| process is, and when it starts.
| frankfrankfrank wrote:
| [dead]
| evanb wrote:
| The UK doesn't put the country of origin on their postage
| stamps, because they invented them [1], so there were no
| ambiguities to lift.
|
| That's the same reason the US is +1 country code and holds .gov
|
| [1]
| https://en.wikipedia.org/wiki/Postage_stamps_and_postal_hist...
| Teever wrote:
| https://www.quora.com/Why-doesnt-the-United-Kingdom-have-the...
| samwillis wrote:
| That's settled, we're even.
|
| > _Why doesn 't the United Kingdom have the name of the
| country on its stamps?_
|
| > _Because the United Kingdom had the privilege of being the
| first country in the world to introduce postage stamps,
| meaning that they did not need to be identified as coming
| from that country, especially when used domestically._
| freitzkriesler2 wrote:
| "turns out .gov is exclusively for the US, not sure I feel good
| about that, particularly as .com and .net are very much not
| just for the US.
|
| I get it, you invented the internet, but the special status you
| have over it is a little frustrating."
|
| I bet America having +1 as our country code bothers you too :P
|
| America numba 1! /S
| Aaron2222 wrote:
| Hate to break it to you, but Canada uses +1 as well[0].
|
| [0]:
| https://en.wikipedia.org/wiki/Telephone_numbers_in_Canada
| ourmandave wrote:
| Do .gov's have to be renewed every year with ICANN?
|
| What if a dept lets theirs lapse and some squatter swoops in
| and takes it?
|
| We'll start the bidding at $1B USD...
| xmprt wrote:
| I'll pay for the domain if you find a way to buy a .gov as
| easily as you can buy a .com. I don't even think a regular
| citizen can get a .gov unless you incorporate a new city or
| something like that.
| chungy wrote:
| the gov TLD is managed by the US government. It's very rare
| that you renew anything with ICANN, since you're almost
| always going at least to the entity that manages a TLD
| (unless you run a TLD, then I guess there'd be an ICANN fee).
|
| If you have a .com domain, you're renewing with VeriSign, the
| company that owns the com TLD.
| NoZebra120vClip wrote:
| Currently, the .gov sTLD is administered by the
| Cybersecurity and Infrastructure Security Agency.
| thiht wrote:
| You're confusing TLDs and domain names.
| 8organicbits wrote:
| ICANN has lots of rules around TLD assignment, so squatting
| .gov doesn't seem possible. But some have recurring cost.
| Here's gTLDs:
|
| > a fixed fee of US$6,250 per calendar quarter; (b) and a
| transaction fee of US$0.25. [1]
|
| .gov is not a gTLD, I'm not sure what financial
| relationship exists, if any.
|
| [1] https://newgtlds.icann.org/en/applicants/global-
| support/faqs...
| SeanLuke wrote:
| Note that .gov predates .uk. .gov was made in 1984, and .uk was
| issued in 1985.
| DamonHD wrote:
| And I think that my company issued the first .gov.uk, which
| would have been about a decade later...
| gumby wrote:
| > I'm sure there are oversights on who can acquire an
| inherently international .gov domain,
|
| There's .INT if you have a use for one.
|
| > turns out .gov is exclusively for the US, not sure I feel
| good about that, particularly as .com and .net are very much
| not just for the US.
|
| This goes back to when the DNS was designed in the late 70s.
| Things were different back then (remember the big-endian
| british addresses, gb.corp.foo IIRC).
|
| And I see you haven't learnt about .MIL yet either...
| [deleted]
| [deleted]
| mozman wrote:
| Fun fact: I briefly had a .gov domain in the early 90s through
| internic until they figured out I was not a government agency
| 0xE1337DAD wrote:
| .mil too
| bombcar wrote:
| .com and .net and .org are only "internationally available"
| because the registrars didn't care to restrict them (IIRC, one
| of them was moderately restrictive in the beginning, perhaps
| .org requiring an actual organization of some sort).
|
| .mil is also US only.
|
| The real hotness is to host on .arpa -
| https://blog.fhrnet.eu/2019/03/13/fun-with-arpa-domains/
| LelouBil wrote:
| Even in France most government websites use ".gouv.fr" (gouv is
| short for gouvernement, aka government).
|
| Even if it's not exactly ".gov" they still mimicked it.
| LordShredda wrote:
| Much like the gouv.qc.ca suffix.
| remram wrote:
| I got an official email from New York State's Office Of The
| Comptroller with a link to osc.state.ny.us. It came from an email
| address @osc.ny.gov. I don't understand why they couldn't use an
| official TLD in the URL too.
| toast0 wrote:
| state.$STATE.us is an official domain, too. In the before
| times, .gov was intended for the US Federal government, and
| states were expected to use space within .us.
|
| It got rather messy when the Feds started letting states get
| delegations under .gov and .us was opened to registration of
| second level domains and new multilevel delegates became
| discouraged or disallowed.
| remram wrote:
| state.ny.us and www.state.ny.us don't even resolve though.
| What a mess.
|
| The net result is that the Comptroller's new program trying
| to get everyone their missing funds is sending email that
| exclusively arrive in people's spam folders.
| pc86 wrote:
| I used to do contracting work for a state government agency
| (that also owned the .gov and .us domains), and they had rules
| about what could be hosted on .gov vs. .us that were
| sufficiently restrictive that I was told on the first day that
| we only ever deploy things to .us. Perhaps something similar
| exists for NY, and/or that "rule" was actually federal?
| bobthepanda wrote:
| .nyc is also a government TLD.
| Abekkus wrote:
| I saw a similar problem at dhs. The contractors who run email &
| office software don't talk with the contractors who run their
| web presence, on two completely separate domains. Lots of US
| gov orgs use way too many contracts instead of staff.
| vladharbuz wrote:
| Always found it arbitrary that .gov is only for use by the US.
| pc86 wrote:
| Had another country had a primary role in inventing the
| internet, they would probably have it (or more likely, the US
| would be .gov.us and everyone else would be whatever they are
| today).
| kanbara wrote:
| CERN / Switzerland would like a word
| pakyr wrote:
| The internet != the world wide web.
| pc86 wrote:
| > > primary
| umanwizard wrote:
| The WWW was invented at CERN in 1990, whereas the .gov TLD
| dates from 1985.
| rootusrootus wrote:
| Hell, CERN's involvement barely pre-dates my own domain.
| Pretty sure they didn't invent the Internet.
| thiht wrote:
| Other countries could create their gTLD as they see fit: .gouv,
| .ukgov, etc.
|
| They instead prefer using a SLD (like .gouv.fr) because they're
| complete owner of their ccTLD. ccTLDs are not affiliated in
| anyway with ICANN. I'm guessing .gov is a special case
| nowadays, and probably considered like a ccTLD from the ICANN
| point of view, I'll have to look into it
|
| Edit: it seems like gov is considered as a Sponsored TLD[1]
| (sTLD). Not sure what it implies.
|
| [1]: https://icannwiki.org/STLD
| zokier wrote:
| > ccTLDs are not affiliated in anyway with ICANN
|
| ccTLDs delegations are managed by IANA, who are owned by
| ICANN
| giobox wrote:
| While its true there is still a relationship back to ICANN
| for ccTLDs, politically it would be a shitstorm of epic
| proportions if the US/ICANN interfered in the
| administration of ccTLDs - most countries (understandably!)
| see their ccTLD as an increasingly sovereign thing that is
| naturally owned by the State, not the registrars or domain
| name registration system.
|
| While it might be technically possible for ICANN to make
| certain adjustments to the ccTLD system or the registration
| requirements, politically its much much harder and gets
| harder still with time. Imagine the response from most
| soverign states etc if their own ccTLD was meddled with in
| a manner they didn't appreciate.
|
| ICANN has slowly tried to move more and more of the ccTLD
| stuff to international working groups ("Governmental
| Advisory Committee") to put clean air between the US and
| ccTLDs, but the link is still there:
|
| https://gac.icann.org/
|
| https://gac.icann.org/principles-and-
| guidelines/public/princ...
| xwdv wrote:
| It'd be more interesting to see a list of sites that end in .gov
| but aren't government associated. I feel like the creation of
| such a site would involve some inside connections and shady
| backroom deals.
| eduction wrote:
| [makes an authoritative list of non gov federal sites so you know
| you can trust them even though they're not at dot gov]
|
| [puts that list at a non dot gov website]
___________________________________________________________________
(page generated 2023-07-23 23:01 UTC)