[Freedombox-discuss] Independent email services
Thomas Lord
lord at emf.net
Sun Feb 27 16:57:16 UTC 2011
On Sun, 2011-02-27 at 09:43 +0100, Michael Blizek wrote:
> Hi!
Hi.
> [....] I guess relationships between the
> (sub)domain provider and the user can be much more loose. For example, the
> FB-foundation, debian, hardware vendors and others could register some
> domains in order to give users free subdomains. The freedombox could integrate
> an interface for selecting domains from a list and quick registration. Abuse
> by (sub)domain providers could be further to reduced by requiring them to sign
> a contract to get listed.
This is a really interesting problem. You gave me an
idea for something to put on the FreedomBox Foundation
wishlist: a kind of "Better Box Businesses Bureau" to
reputation track public small business FreedomBox service
providers.
The DNS case, though: Do you mean (A) or (B) here:
(A) The foundation and a few other big orgs buy some domains. They
give subdomains to freedombox users.
(B) Anyone who buys a domain and signs a contract can be registered
as a freedombox subdomain provider. The contract is with one or more
of the big orgs.
I think you mean (B) but I wanted to be sure.
Either way, there is a big bug.
We will have created a centralized database of essentially
all the freedomboxes. Recently, the US government made a mistake and
shut down, en masse, tens of thousands of domains allegedly linked to
child porn -- only to realize a few days later that they only meant to
shut down a few 10s of sites, and that the rest were innocent. The
government did this at the DNS level - it seized the domains.
With what you described, there is a ready-made master list of which
domains need to be shut down to disrupt all freedom boxes. In
most realistic implementations, not only a list of domains but of the
people running them and the easily traced owners of subdomains.
Problems like that make me want to stick mostly with the
friend of a friend model and the small-business-but-
-without-central-registration model.
-t
>
> On 23:15 Sat 26 Feb , Thomas Lord wrote:
> > > There should not be that much centralisation worries
> > > as long as there are enough (sub)domain providers you
> > > can choose from.
> >
> > For example, in my extended family there are a few
> > of us who are tech-savvy. We could coordinate to
> > set up and share out domains, a fat pipe, hard-to-
> > admin services and so on ... while other relatives
> > can still use their personal boxes for easier to admin
> > and most private stuff.
> >
> > I think that is towards the right model of how these
> > things get deployed: they are "sold" (or otherwise
> > got in the hands of) real world groups --- tribes ---
> > whether that means friends and family, clubs,
> > samizdat societies or what have you. Within each group,
> > there are specialized roles.
>
> This is certainly a way to do it. But I guess relationships between the
> (sub)domain provider and the user can be much more loose. For example, the
> FB-foundation, debian, hardware vendors and others could register some
> domains in order to give users free subdomains. The freedombox could integrate
> an interface for selecting domains from a list and quick registration. Abuse
> by (sub)domain providers could be further to reduced by requiring them to sign
> a contract to get listed.
>
> If this is not enough, we could still do this with tor-hidden services or
> "real" domains, the friend to friend model you have suggested or some kind of
> decentral name services.
>
> -Michi
More information about the Freedombox-discuss
mailing list