disallow new registration of .arpa, .local, etc handles #1016
I think the test failure is not due to this code, but some package/dependency thing
yup seems reasonable 👍
thx for putting this together
fwiw this comment didn't get updated:
@ericsampson that is intentional in this PR. What we have changed for now is preventing registration of these domains with our PDS implementation, but not yet banned them from the protocol itself. That will come as a second step.
…al#1016) * handles: test 'dotless' disallowed; move .arpa/.local proto-level test * handles: disallow infra/reserved handles
Not to beat a dead PR, but could we get clarification on the specific reasoning behind banning .arpa and dotless domains? While the documentation provides justification for other banned special-use TLDs, it doesn’t seem to address these two explicitly. From a trust and ownership perspective, this restriction feels counterintuitive. Both .arpa and top level domains require a higher level of administrative control and are typically tied to infrastructure, making them verifiably unique and resistant to abuse. Given that ATProto uses domain-based handles as a trust mechanism, preventing the use of these domains seems like an unnecessary limitation. For instance, network operators might want to establish BSky accounts linked to .arpa subdomains for their IP ranges, providing an authoritative channel for network status updates or operational announcements. Similarly, top level "dotless" domains, while unconventional, could for example be useful to a corporate entity who owns a brand TLD and wishes to use that as their handle (i.e. protocol-wide A protocol-wide ban on both of these prevents edge cases where they can be useful.
This is a "stop the bleeding" PR to halt creation and migration of new handles with .arpa, .local, and a couple other special "infrastructure" and "reserved" TLDs.

Rough plan would be to get this in, then ask existing .arpa tricksters to change handle (or better yet just delete those accounts), and then soon disallow at the protocol level (aka, even referencing such a domain would be invalid).

Also adds test coverage to ensure we don't allow "dotless" top-level handles, like "io". These are controversial and seem to be considered an anti-pattern by many IETF folk. I think they would be super duper cool but also super confusing for users, so we should continue to disallow at the protocol level.
cc: @devinivy @dholms for visibility
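The two tiers this thread distinguishes (handles the protocol rejects outright, such as dotless ones, versus handles that remain protocol-valid but are refused for new registration or migration) can be kept apart in one check. The following is an added example, not code from this PR or the project: `checkNewHandle`, `HandleCheck`, the generic hostname-label rule, lowercase normalization and the contents of the blocked list are assumptions, and the list holds only the two TLDs named above.

```typescript
// Added example; names, label syntax and list contents are assumptions, not the project's code.
type HandleCheck =
  | { status: 'invalid'; reason: string }         // rejected at the protocol (syntax) level
  | { status: 'not-registrable'; reason: string } // valid syntax, refused for new registration/migration
  | { status: 'ok'; handle: string }

// Only the two TLDs named in the PR description. The PR mentions "a couple other"
// infrastructure/reserved TLDs without naming them; take those from the project's source.
const REGISTRATION_BLOCKED_TLDS: ReadonlySet<string> = new Set(['arpa', 'local'])

// One hostname label: 1-63 chars of letters/digits/hyphen, no leading or trailing hyphen.
const LABEL = /^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$/

function checkNewHandle(input: string): HandleCheck {
  // Compare case-insensitively so "Foo.ARPA" cannot slip past the TLD list.
  const handle = input.toLowerCase()
  if (handle.length === 0 || handle.length > 253) {
    return { status: 'invalid', reason: 'length out of range' }
  }
  const labels = handle.split('.')
  // "Dotless" top-level handles such as "io" stay disallowed at the protocol level.
  if (labels.length < 2) {
    return { status: 'invalid', reason: 'dotless handle' }
  }
  // Rejecting empty labels also rejects a trailing dot ("name.arpa."), which would
  // otherwise leave an empty final label and sidestep the TLD comparison below.
  for (const label of labels) {
    if (!LABEL.test(label)) {
      return { status: 'invalid', reason: `bad label "${label}"` }
    }
  }
  const tld = labels[labels.length - 1] ?? ''
  if (REGISTRATION_BLOCKED_TLDS.has(tld)) {
    return { status: 'not-registrable', reason: `reserved TLD .${tld}` }
  }
  return { status: 'ok', handle }
}
```

Returning a separate `not-registrable` status lets a server refuse new handles under these TLDs while existing references to them still parse, which matches the staged rollout described in the PR.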