1. 43
    What domain would you choose for your personal blog? ask web

Let me clarify this first: I’m just asking for opinions and I I would appreciate it if you just answer hypothetically. I know I’m not in danger of anything and I know I worry for stupid stuff, I just want to know your answer, not whether I’m right or not. And I thank you in advance for your answer. You take time to write the answer I appreciate it a lot. Thank you very much.

Now the question. My blog is being published under a .com tld. Now you surely know how United States government has power over all com and net tlds (among other ones of course).1 and I have a problem with that. As an Iranian, I’ve seen many domain names of my fellow Iranians being seized for reasons like spreading misinformation or simply being Iranian.

For example, Iranian Bank Saman’s sb24.com domain was seized (or taken away) because of sanctions.

I’m paranoid and I worry for stupid stuff. I know I’m not in danger of anything but I just don’t like the fact that United States government can seize my domain name just because. Now, I was thinking about switching to .org (from my current .com) but well the authority behind .org is American as well. However, they don’t have a history of seizing domain names.

Should I change my .com to .org? Now that doesn’t really change the fact that US can easily seize the domain but should I do it? Will it make it harder?

There’s also ccTLDs like .se or .ch or .no. For example, Pirate Bay domains were seized and they switched to .se. Even with them in jail, their .se domain is still active so I think switching to .se (or similar ccTLDs) makes sense.

I also can switch to .ir (ccTLD for Iran) but you know how authoritative regimes act. I don’t want to jump from one problematic country to another.

Now my question is that if you were to start a blog, what domain extension would you choose, if you had to consider what I said as well as other factors.

  1.  

  2. 28

    The biggest problem you’ll have with evading sanctions in this manner is US OFAC Sanctions are applicable to any business that transacts in USD, which is basically the entire tech sector.

    I’d suggest dual stacking, with a ‘local’ .ir domain to guard against the case where an ‘unfair’ set of sanctions is levied against Iran again that would cause you to lose another domain, and a domain from a European liberal democracy (like .is suggested in another comment) to guard against the “Revolutionary Guard doesn’t like my posts” case.

    1. 19

      This. You have to identify your threat model before defending against it.

      If your threat models are the US and Iran, in my view you can go with countries that are either too enlightened and self-sufficient to care much about their beef with each other or their own citizens (.is, .se, .ch, etc), or countries that are too small and mercantile for them to care much about (.io, .to, etc.) Of course, nothing is going to really save you from a determined state-level attacker.

      1. 11

        or countries that are too small and mercantile for them to care much about (.io …)

        .io isn’t run by the country it supposedly represents.

        1. 3

          But it is run by a small and mercantile one :)

        2. 3

          Except for .onion I think.

          1. 2

            exploits are cheap.

        3. 4

          It’s worth noting that there are basically three cases where you need to care about the US blocking your blog:

          • You live in a country that the US places under embargo.
          • You have a legal judgement against you in the USA.
          • You become a person designated as a terrorist by the US intelligence agencies.

          In the first case, you have many, many other problems with anything technology related and you’re best off looking at a complete hosting stack in your country or a friendly one. Whether you can reach people in the US is a separate issue.

          The second one is more likely. If someone in the US decides that you’re infringing their trademark with your domain, for example, then you have to defend the case in the US, which is expensive. In this case, you can lose the domain. The same is true for international trademarks elsewhere, so at least registering in a locale that you can easily travel to and where the rules about who pays costs are friendly to you may make sense. If there is a criminal prosecution of you in the US and you don’t attend the court, then remember that this will make it impossible for you to ever travel to / through the US and may make it difficult for most global financial institutions to do business with you.

          In the third situation, control over your blog is going to be absolutely the last thing that you care about.

          TL;DR: If US government action against you is a realistic part of your threat model, then the domain name under which your blog is registered is the least of your problems.

          1. 3

            In the first case, you have many, many other problems with anything technology related and you’re best off looking at a complete hosting stack in your country or a friendly one. Whether you can reach people in the US is a separate issue.

            This is all true I assume. But at the same time, all of this stuff can be done later. If you can’t use Amazon or Linode or DigitalOcean anymore due to an embargo, you can reasonably quickly move everything over to a cloud which does business with Iranians. But the domain can’t just be moved over; if you write a bunch of content on your .com blog, and links to your blog posts end up all over the place, all those links will break if Verisign doesn’t want to do business with you anymore.

            The only part of the stack which can’t be replaced with an Iranian or self-hosted alternative is the domain, so it makes sense to worry more about that than about everything else.

          2. 1

            This is wise. Thank you.

          3. 10

            You might be interested in this post: https://slc.is/#The%20Best%20TLD%20is%20Not%20.com

            Note there is a Hacker News discussion about this entry, read with a massive load of salt: https://news.ycombinator.com/item?id=28361320

            1. 3

              This is very helpful. Thank you.

            2. 8

              I don’t think it’s paranoid to avoid a US registrar. My American friend with an Iranian last name has had a couple of mysterious banking problems. I think US business want to stay on the legal side of not doing business with Iran, so they just drop anyone who seems like they might be Iranian as soon as they can.

              I’m not sure who would be a better bet though. Under Trump, the US was trying to force other nations to follow our sanctions or get sanctioned themselves. I don’t know if Biden is still doing that or not, but you probably need to find a host that is not in Europe either just to be extra safe.

              1. 2

                My registrar and web host are in Europe. I use Gandi to register my domain and a very generous person hosts my blog in Finland/Germany. However, the problem with .com is that United States goes straight to its authority, Verisign. This happened to many seized domains. So no matter who is the registrar, if it ends in .com, it’s seizable by USA.

                1. 2

                  The US can force US ISPs and many ISPs in allied countries to black-hole your domain in their DNS caching resolvers, at which point you’re only reachable by folks who set up their own recursive resolvers. What is your goal in having a DNS entry if not to be reachable?

                  1. 2

                    That’s more work, though, and harder to do as a single line in a config file. The thing about DNS TLD’s is that it’s an administrative bottleneck. Any defense is going to have multiple layers, and any defense will be able to be penetrated by a sufficiently determined attacker. Just because one layer can be bypassed doesn’t mean it’s worthless.

                    1. 1

                      That is another problem to think about. Thanks for mentioning it. I think the ultimate solution would be using .onion.

                2. 6
                  1. Helping evade sanctions may get people (+on this thread) in trouble. See the North Korea Bitcoin talk case. Also, don’t put your friends in Europe at risk and use something like Github Pages or Netlify to host your site maybe?
                  2. Whatever jurisdiction you choose, make sure to obey their laws. See the recent Protonmail case.
                  3. Some countries are not fans of OFAC sanctions. A Chinese or Russian domain registrar may tell you if your place of residence is a big deal for them or not. Though using their tlds may not be that classy for your blog.
                  4. Don’t evade sanctions (see #1).
                  1. 10
                    1. I don’t think hosting some website breaks sanctions, and if it does, I don’t care about what them as these sanctions are inhumane.

                    2. Nope. If the law is inhumane, I won’t follow.

                    3. China and Russia are no different than Iran and USA so it’s a no.

                    4. I will actually, with everything I can. I don’t care if some Americans think all people of a nationality should live under sanctions and face various troubles and difficulties just because they can’t figure their shit. It’s racist kind of.

                    1. -1

                      What makes these sanctions “inhumane”? They were a response to specific actions by the Iranian government - shouldn’t you be asking them? Moreover, what prevents you from renouncing your citizenship and moving to another country?

                      1. 1

                        What the fuck? First, sanctions target people, not governments. Governments should be responsible, not people. Sanctions are inhumane because it targets innocent people, it fucks everything for innocent people. 40 years of sanctions and it’s only people who suffer from them. Second, you can’t expect people to simply move away from where they always lived and are living. It’s easy for you to say, not for people who live under an authoritative regime, not for people who are sanctioned and their economy is fucked. Not for people who every other government ignore them.

                        1. 1

                          What the fuck?

                          Please don’t display such unprofessional and un-intellectual behavior here - this site is meant for intellectual discussion of technical topics, which you’ve already disrupted with your barely-on-topic post.

                          First, sanctions target people, not governments.

                          This is false - the Iran sanctions target the nation of Iran. You stop being an Iranian, the sanctions stop applying to you - so, by definition, they don’t target people.

                          Sanctions are inhumane because it targets innocent people, it fucks everything for innocent people.

                          No country owes your country any kind of trade deal - nations have the absolute right to refuse to do business with any other nation for any reason. Doing trade with another country is a privilege, not a right. It’s your government that’s responsible for taking care of you, not the United States - and, in this case, it was also the actions of your government that caused the US to sanction you, as they don’t just go around randomly refusing to do business with countries by rolling dice.

                          Second, you can’t expect people to simply move away from where they always lived and are living. It’s easy for you to say, not for people who live under an authoritative regime, not for people who are sanctioned and their economy is fucked.

                          If you’re prevented from leaving your country, then that’s your government that is taking advantage of you, not anyone else’s government, all of which have the absolute right to refuse trade deals with your government.

                          Sanctions are a tool that governments use to shape the behavior of others, and are generally a rather humane alternative to war - and I don’t hear you calling for the US to invade Iran to replace your government. Those are your two options - sanctions and war, because it’s insane to just continue to do trade with an authoritarian government with no repercussions.

                          I know that you have a hard life - but that’s not the fault of the US government, that’s exclusively the fault of the Iranian government. Direct your anger there, where it belongs.

                          1. 2

                            It’s sad to see such uncritical acceptance of the worst parts of US foreign policy being espoused on this site.

                            1. 1

                              Please don’t display such unprofessional and un-intellectual behavior here

                              I apologize for that.

                              This is false - the Iran sanctions target the nation of Iran. You stop being an Iranian, the sanctions stop applying to you - so, by definition, they don’t target people.

                              You just repeated what I said and then claimed they don’t target people. Did you read what you wrote?

                              No country owes your country any kind of trade deal - nations have the absolute right to refuse to do business with any other nation for any reason. Doing trade with another country is a privilege, not a right. It’s your government that’s responsible for taking care of you, not the United States - and, in this case, it was also the actions of your government that caused the US to sanction you, as they don’t just go around randomly refusing to do business with countries by rolling dice.

                              You’re talking about something completely different. What a government does should not put people in this situation. Iranian government is authoritative and not democratic. Sanctioning all Iranian people for what that regime does is inhumane.

                              What you say about other governments wanting to trade is false because many countries want to trade but they can’t because U.S. forces them with its power. Now you can say it’s Iranian government’s fault, and I agree, but people are innocent and sanctioning all people of a nation is inhumane.

                              If you’re prevented from leaving your country, then that’s your government that is taking advantage of you, not anyone else’s government, all of which have the absolute right to refuse trade deals with your government.

                              This is completely irrelevant. Doesn’t matter whose fault it is, U.S., Iran, or any other government, I don’t care what a government thinks about me, I care for people. What Iranian regime does is what any other authoritative regime does, sacrificing people for its own benefits. That is however not a reason for any other government to impose inhumane rules and laws on innocent people.

                              I know that you have a hard life - but that’s not the fault of the US government, that’s exclusively the fault of the Iranian government. Direct your anger there, where it belongs.

                              It is partly U.S.’ fault though. U.S. is not innocent in this. You don’t want to accept it? Fine with me. I’m not responsible for what you believe. I don’t accept what Iranian government does, but that doesn’t mean U.S. is innocent country who is forced to impose sanctions on all people. U.S. is no different than Iran when it comes to human rights, the only difference is that Iranian regime kills its own people more obvious than U.S.

                      2. 5

                        Don’t evade sanctions (see #1).

                        These “sanctions” are only between some countries (like the USA) and Iran. There is a lot of other countries that have actually good relations with Iran, and they aren’t “evading sanctions”: USA doesn’t rule the world.

                        1. 3

                          I was curious about this so I looked it up. This article seems to indicate that this sort of discussion or advice wouldn’t be an issue at all. Also this law seems to say directly providing web hosting or domain name registration wouldn’t be an issue for blogging, etc.

                          I’m not a lawyer, this is not legal advice, etc. I’m guessing these kinds of laws are usually enforced based on politics more than the laws themselves, but who knows.

                        2. 5

                          It is somehwat crazy that .com TLD registries are subverted for political purposes, I feel like they should be neutral (as long as the bank involved is not also involved in funding objectively questionable or violent things, I’m not familiar with the context here).

                          And yeah I also agree with your point that it might not be smart to use an Iranian TLD – especially when it comes to blogging, authoritative regimes seem to be a bit touchy. Any time you hear the word “Iran” and “blogger” in the same sentence in the news, it usually is not a positive story (prison or worse).

                          As a German, I would like to advertise for the .de TLD because it is very affordable – only 5.97€ on inwx.de rather than the 13.69€ you pay for a .com, and also at least to my knowledge it is not involved very much in censorship. The downside is that people often expect content to be in the native language, but that doesn’t matter. You can also just register it as a backup TLD, in case your main one gets in trouble.

                          Another suggestion I have is using the .dev TLDs, because they already imply that it would be a technical blog, and I think they are operated by Google but I don’t think the US government would go through the trouble to censor that TLD, I think their sanctions are mostly only targeted at businesses (rather than personal blogs).

                          1. 2

                            No, the bank was not even sanctioned directly until recently.

                            Correct. For example, Sattar Beheshti was a blogger that was sadly killed in jail. His crime was blogging.

                            I was thinking about .fr, .ch, .se, and .no. What do you think about them? Well I have nothing against .de but Germany usually cooperates with U.S. in these matters.

                            The sanctions and seizing targets everybody, not just businesses. Recently, they seized dozens of domains claiming they spread misinformation. I agree that they spread misinformation and they were harmful websites promoting Iranian regime’s propaganda but seizing domains is not acceptable in any case. Link: https://www.cnn.com/2021/06/22/politics/us-seizes-iran-website-domains/index.html

                            1. 8

                              I did a bit of research. This article claims that .de, .at, .is and .ru are good because those are the only TLDs where censorship can only occur by the federal court. I have checked with DENIC (that are responsible for .de domains) and they affirm this. Federal court decisions here are publicly accessible, so I took a look if I can find any relevant decisions. However, I was able to find barely any, mostly related to objectively criminal matters.

                              1. 4

                                Being the subject of a court decision doesn’t mean much in countries where the independency of courts is questionable (.ru).

                                1. 1

                                  That is very correct.

                                2. 3

                                  Thank you very much. Very helpful.

                                3. 2

                                  I was thinking about .fr, .ch, .se, and .no. What do you think about them?

                                  The problem you may have is that some of those (like .fr or .no) require a presence in the some part of the world: see “Eligibility requirements”. You can pay a service (than Gandi offers sometimes) to have an address in the EU, but that’s quite costly.

                                  1. 1

                                    That is true, but what about the domain extensions themselves? What about legal process and court orders? Should one worry about the influence of USA or other countries?

                                    1. 2

                                      If we refer to this EFF document, your mileage may vary. For .fr for instance, there is removal by arbitrator order based on intellectual property rights. For .fr still, it appears though that the only other venue to get a domain removed is through a French court order, so another country’s order would be scrutinized by a local court.

                              2. 4

                                What I personally did was buy the .com, .org, .net, .me, .fm, and .io domains and have them all point to the one currently in use (.com). If any are seized, I have fallbacks.

                                1. 14

                                  I think you’re rich, I’m not. I live in Iran under heavy US sanctions so paying registrars is very hard for me. And prices are too high too because our economy is fucked, well due to sanctions.

                                  1. 4

                                    That is a good point. I’m not rich for an American, but I am rich compared to the vast majority of people around the world.

                                    In that case, maybe buy a domain that is controlled by a smaller country on friendly terms with the US and Iran? In that case, the US could still strong arm the country, but maybe it would look bad enough that they would not do that for a small target such as yourself. In that case, .tv (Tuvalu), .tw (Taiwan), .kr (South Korea), or .ch might be good options.

                                    I’d keep the .com for a year or two as you make the transition, though.

                                    1. 2

                                      My domain expires in 2024 and I will even keep it after that. I’m thinking about having my blog with multiple domains.

                                    2. 2

                                      If you want something really cheap, there are things like .ovh:

                                      • It’s run by the AFNIC which is non-profit and based in France
                                      • It’s owned by OVH which is a French private company and the largest hosting provider in Europe
                                      • You can buy one even if you don’t live in the EU, and given the French law I think you’re pretty safe to use this as an Iranian unless you host something really terrible on your website.
                                      • It’s basically 3 or 4 US dollars a year (but of course their actual currency is the euro)

                                      The downside is that this TLD is basically an advertisement for the registrar. It may or may not be a problem for you.

                                      1. 1

                                        I actually need something reliable, than cheap.

                                        1. 1

                                          Well even if you don’t mind paying more, the fact that it is managed by AFNIC and open to foreigners (unlike .fr) makes it quite relevant in my opinion. There are probably other alternatives in other European countries though.

                                  2. 3

                                    I would suggest looking at .su domains as a backup (or possibly even a primary). Yes, that’s right, the Soviet Union got a TLD, that’s fallen from its use as a country TLD to a generic one. I don’t remember who handles the .su domains offhand, but the reason I recommend it is that certain other websites (which I won’t mention) that were censored everywhere, from every host (Bluehost, Amazon, Dreamhost) and every US registrar, are currently running off of .su domains.

                                    1. 4

                                      A .su domain is cool, thematically, but it’s run by Mega Discounter, Inc., a US company (New York).

                                      1. 2

                                        Well I think that would still be problematic because of its authority.

                                      2. 2

                                        I spent some time thinking about this 15 years ago, and ended up on a .name that my .com redirects to. I haven’t kept up[1] and I’m not sure if that’s still a good answer. But it’s worth considering.

                                        [1] After ICANN’s recent shenanigans I increasingly consider DNS to be damage to route around. I’m going to try very hard not to ever buy any more domain names.

                                        1. 2

                                          I live in Sweden, so I could be biased. I believe that The Swedish Internet Foundation, who handle the .se domain, is a trustworthy organization.

                                          1. 2

                                            I believe that too. I’ve heard/read many good things about it.

                                            1. 3

                                              Here are examples of registrars that I believe have a good reputation:

                                              https://www.gandi.net/en/domain/tld/se

                                              https://www.oderland.com/domains/

                                              (I don’t use it personally since I don’t own any .se domain.)

                                              For more examples, see https://internetstiftelsen.se/en/domains/how-to-register-a-domain-name/registrars/

                                              Stay away from Loopia, Binero, Websupport.se, Levonline – I’ve heard so many horror stories about the consortium and their customer support.

                                              1. 2

                                                I only use Gandi for now. My current domain is registered by them.

                                                1. 2

                                                  I see. From what I’ve heard they seem like a reliable company.

                                          2. 1

                                            Would using IPFS be an option for you?

                                            1. 1

                                              Well I need something accessible by normal people. I think you know what I mean.

                                            2. 1

                                              .ink because writing.

                                              http://len.falken.ink

                                              It’s for nothing else.

                                              1. 1

                                                According to this it is run by CentralNic, a UK company.

                                              2. 0

                                                bloggymcblogface.blog