-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multiple official domains are not a problem #1
base: canonical-domain
Are you sure you want to change the base?
Multiple official domains are not a problem #1
Conversation
We already have some data on how other people perceive the situation: - NixOS/foundation#34 - NixOS/nix.dev#290 - NixOS/nixos-homepage#633 - https://discourse.nixos.org/t/nix-related-domains-that-i-control/10034 - NixOS/nix.dev#285 - NixOS/nixos-homepage#882 - NixOS/nixos-homepage#828 I claim, and the evidence linked above supports it, that multiple domains are not an important issue. What makes multiple domains problematic is a lack of distinct naming and assigning distinct meaning to those names.
I'd say it's fairly standard to think that different domains to imply different ownership. For example, when I first heard of https://github.dev, I thought it was kind of suspicion for it to use the same name GitHub and didn't trust it, even though it's also owned by GitHub. That's actually what every phishing 101 course teaches you, to always double-check the domain name. If we do want to separate the different official projects more, we can still use subdomains, which by design imply the same ownership. Alternatively if some project actually does get independent ownership (e.g. I could see this with a third-party nixops fork), it would make sense to have a separate domain. |
And that's indeed true for the current situation. Two quite separate groups of people maintain the contents on these domains.
The phishing aspect is indeed relevant. But right now dealing with that neither seems necessary nor like within reach even if it were. We have yet to observe malicious attempts at impersonation, so the Nix logo in combination with the magic word "official" do their job. And if they didn't: We don't even have a trademark policy yet. On the technical level one can always establish a set of trusted domains by linking certificates, and support that by presenting an exhaustive list of trusted domains. |
It's the same overall project though, the websites can link to each other, the teams can talk to each other and work together, both have to respect the RFC process, etc. This is quite different from actual distinct domains where there's no working together. In fact, separate domains negatively emphasises our teams not working together, because why would we need separate domains if we worked together.
The point of the argument is that everybody interacting with the internet should know that different domains potentially implies separate owners, and that should be the default assumption. Effort is required to establish the link that two domains are in fact owned by the same entity and can be trusted equally. In comparison, subdomains don't have that, people should know that subdomains are owned by the parent domain and that they don't need to establish trust separately. |
All good arguments, and not necessarily obvious. Let's add them to the rationale for the concrete proposal rather than the motivation. |
A (weak) counter-argument is that a lot of people assume that nixos.wiki is an officially supported resource. (No, I don't have data.) |
I can confirm this anecdatum based on my own anecdata, and see that as supporting #1 (comment): nixos.wiki says very clearly in large bold letters on the front page that it's the unofficial user's wiki. But it has the Nix logo on every page, prominently appears in search results, and the good bits are recommended in many visible places by trusted community members to help solve problems. This is can be solved with talking nicely to each other, getting our act together for official sources to be found more easily, and, as ultima ratio, exercising trademark policy if we had one. |
Arguably, most user journeys on nixos.wiki don't go through the front page, which is probably a large contributing factor. |
I know I read somewhere folks wanted to discourage the use / sharing of the wiki but it's so useful would it be crazy to actually make it official or absorb it somehow? Otherwise exercising trademark policy is probably the right idea because it looks official (https://status.nixos.org/ looks like the wiki...) and one sometimes forgets it is user maintained |
https://nix.dev/contributing/documentation/#wiki
|
As a data point, I just randomly stumbled upon an example of multiple domains immediately triggering alarm bells: https://news.ycombinator.com/item?id=38199716 |
We already have some data on how other people perceive the situation:
I claim, and the evidence linked above supports it, that multiple domains are not an important issue. What makes multiple domains problematic is a lack of distinct naming and assigning distinct meaning to those names.