One thing I don't really talk about much is that most of my designs work within HTTP and do not rely on DNS.
There are two reasons for this:
- I want to support Onion Services and Tor users in general.
- DNSSEC evangelism sucks.
By "rely on DNS" I mean "doesn't add its own data to DNS records" like some proposals do.
I know Web PKI implicitly relies on DNS to map domain names to IP addresses. I wasn't talking about that.
If you want an indieweb to thrive, and for communications to be private:
Corporations are your adversary.
The US Government is your adversary. (Cloud Act, etc.)
The EU Government is your adversary. (Chat Control, etc.)
The coalitions you want to form are among queer / nerd subcultures.
You want kinksters. You want furries. You want bronies. You want Warhammer 40K players. You want otaku. You want therians. You want juggalos. You want Sonic the Hedgehog fans. You want the cringe TikTokers. You want D&D players and LARPers. You want people who attend Renaissance Festivals. You want people that attend Cowboy Fast Draw events.
You can have all those without the Nazis.
You can have all those without any government's permission.
Without corporate gentrification and rent-seeking.
Both corporations and authoritarianism benefit from centralization.
DNS is ultimately under government or corporate control.
indeed, a .onion is the only FQDN you truly own since you are the [priv] key holder, and the protocol itself enforces and manages e2ee
no registry to put a hold on your domain, no certificate authority to revoke your certs, no DNS
run it on your own server at home safely behind NAT since it's natively a reverse proxy, no need to do firewall management or manage an "edge router"
i cannot wait for the activitypub web stack that is fully compatible with onion services
(i blogged about a dating app idea doing this https://yawnbox.eu/blog/online-dating-with-dignity/)
@soatok I must not understand what a DNS is. I thought it was just a big lookup table that points URLs to IP addresses.
@soatok Control of DNS is also not a hard-and-fast guarantee, and imo it's weird it became such an accepted verifier of identity. One of the many eyebrow-raisers in ATProto/Bsky.
@mttaggart Yeah, and it's one of the more common methods for government takedowns.
But if you can run everything over Tor, censorship becomes much more difficult.