It’s possible that the .io cctld is going to go away [0]. Does crates.io have a backup plan at all? Does anyone know what problems it would end up causing?
I imagine the package registry having to move domains is going to cause a ton of problems.
Frankly, it’s concerning to me that so much of the Rust ecosystem has chosen to standardize on shaky ccTLDs. The Indian Ocean Territory (.io) is a small island territory whose only inhabitants are a single military base, it is crazy to use that domain for something important. Serbia (.rs) is more stable, but they could still cut off access for non-Serbians if they wanted to.
What about stopping the bullsh*t of TLD nonsense and doing something like
crates.rust-lang.org
? It’s the most sensible solution.I’d very much welcome a crates.io alternative that doesn’t require github and supports namespacing by username or org. The dependency on a proprietary platform rubs me the wrong way.
Namespacing by username or org is a good way to get people to download the compromised wrong crate though since barely any document will talk about that part of the name and it will sometimes change over the lifetime of a project.
Is that a problem with java? In fact, is it even a problem on github where repos are namespaced by user or org?
Forgot to mention .sh, which is also a ccTLD for a tiny island nation, and also shouldn’t be used for hosting anything that is difficult to move.
Saint Helena is in no way comparable because it’s not disputed territory. Back when Mauritius became independent the British carved out some islands for their continued colonial use, breaking (back then brand new) international law.
Saint Helena has no such connection to another country and it was uninhabited before the Dutch settled. The Brits later conquered it but even if the Dutch want it back it’d keep its autonomous territory status and therefore its own TLD, the Dutch have plenty of those.
They can still revoke its use anytime they want. Which is the main issue right?
So can any TLD holder. The rules for .org might change to disallow individuals. .com might outlaw non-profits. .net might get restricted to ISPs. There is a small, but existent, chance that all the oxygen molecules in the room I’m in are going to decide that they’ll huddle up in some corner, leaving me to suffocate. I refuse to worry about it.
If you want to be paranoid like that you can send the rust foundation some money and tell them to spend it on the .rust and .ferris gTLDs.
@barsoap @GetOffMyLan It’s not even all that hypothetical tbh. I don’t recall the details exactly but there was a big scare a few years ago when .org changed hands.
I seriously doubt they will actually phase it out, with such a popular TLD. They made an exception for .su, I don’t see why they wouldn’t this time as well.
I doubt they will too, but it’s still dumb that an entire package ecosystem now has to hope that ICANN will make another exception and special case .io
ICANN tried to phase out .su, the only reason they didn’t was because Russia was big enough to tell them no.
If the domain .io ever gets unusable, then all it needs for Rust / creates.io is to change the respository setting in the configuration of your project to point to new location. Maybe this could be done automatically through an update of Rust tools. It will probably cause headache for automated build systems and for newcomers, but overall its not as bad of an issue as it looks like, I think.
But I agree on that it wasn’t a good idea to use .io and .rs as their backbone. It should have been .com or .org in example, where you know wouldn’t go away ever. Not a fan of country level domains for important projects.
Serbia isn’t going to vanish any time soon.
But it could limit the usage of its TLD.
Unlikely, and even more unlikely to not be able to be worked around by a local rust user group.
Like, the .eu restriction to only give out domains to individuals and companies within the EEA is more about having a domestic contact than anything else, EURid doesn’t care who actually uses the domain just that it has European legal representation.
Obviously this isn’t specific to Rust, but frankly it’s bizarre to me that ICANN chose to tie top-level domains to country codes in the first place. Languages might have made sense, but a major feature of the internet is that it’s less beholden to political boundaries than most of the physical world is.
It’s more bizarre that a single organisation would have such tight control over the Internet. Assigning a tld to each country is a good way to appease each country and give them autonomy over their own portion
But do they actually have autonomy, give that random companies can use
.io
and.ai
? Or did the British Indian Ocean Territory and Anguilla approve all such uses of those domains?Yep. The governments typically select who administers the tld and then get a lump sum or portion of the revenues.
For
.ai
it was 10% of their GDP in 2023 which is insane…The registration fees earned from the .ai domains go to the treasury of Government of Anguilla. As per a New York Times report, in 2018, the total revenue generated out of selling .ai domains was $2.9 million.[13][14]
In 2023, Anguilla’s government made about US$32 million from fees collected for registering .ai domains. That amounted to more than 10% of gross domestic product for the territory.[
Wow, I definitely should have google that myself before asking, but thank you for explaining and calling out that data point.
I honestly think that shows that it was in fact a bad idea to assign TLDs to countries. Having a country code acronym with a popular tech meaning is essentially just luck of the draw, so they’ve basically just arbitrarily given a few small countries a valuable resource to sell. I guess that benefits those countries, but I doubt “quasi-random fundraising for small countries” was ever the intent.
They are just iso country codes though, so it is just the luck that some have become so popular.
Some countries are pretty strict that their tlds must be local or at least provide translation in the regional language. The cook islands for instance have prime opportunity with .co.ck but they refuse the to let people take advantage
There are several cctld where the entity buying the domain needs to be a local. EU is an example for that. De requires you to be able appoint a representative within 2 weeks living in Germany.
Why top-level, though? Why not amazon.in.com?
Interestingly enough, you also have amazon.co.uk, which combines the nature (commercial) and location served (UK), but in the opposite order.
There’s zero chance they will get rid of
.io
.Are you willing to bet the stability of an entire language’s dependency ecosystem on that? Just so that we can write “crates.io” instead of “crates.rust-lang.org”?
That’s really the question. I do agree that there’s almost no chance it goes away as too many places and too much money depends on it.
Yes I definitely am. It’s really nice that crates.io is short, and it’s silly to give that up for a miniscule risk of something moderately annoying happening.
Even if the domain goes away we’d just have to all move to a new domain. Annoying but hardly the end of the world. Cargo.io isn’t actually hard-coded in many places. It’s nothing like if github.com stopped existing.
Submit an issue asking for preemptive GNS (Gnu Name System) domain name support, and leave a link to it here.
It shouldn’t be too hard to have a backup domain point to the same resources. Could even be setup as a fallback mirror by default.