It's always amazed me that ID.me, which you have to use in order to interact w/ the IRS online these days, has a top-level domain from the country of Montenegro. uBlock Origin says they're injecting tracking links from Italy's TLD when you log in at the irs.gov website.

What's next? Cookies from Colombia? AI from Anguilla?

To be clear, I have nothing against private companies or citizens using whatever TLD they want. But we need to stop doing this on important .gov stuff. And I would consider the IRS to easily qualify there.

How about this? Lawmakers pass a law (gasp!) that says if you're a private company providing services to the entire populace on behalf of .gov, your site will use com/net/org only when it is interacting with the government. Full stop.

Probably even the extreme wingnuts in the GOP could get behind this, in a kind of "buy American" way.

@briankrebs I assume you're half-joking.

But in case not, this will never happen. While those three registry operations are all US-controlled companies, two of which being Verisign, there are numerous registrars for those TLDs located all over the world. Do you also stipulate US-only registrars too? Which ones if so?

Then what about all the other TLDs that are effectively in US control? Any of those OK? Why or why not?

How does this square with all the other goods that may not be entirely US-sourced? Placing a name under a certain TLD has potential consequences, and some are potentially problematic, but it may be a lot more complicated than that.

@jtk @briankrebs I don't think it's a matter of controlling com/net/org from non-US organizations.

If you register a domain in another country's TLD, that country, or the contractor who runs the registry, can invalidate your domain. Or change SOA and publish different DNS records.

Case in point: gay[.]af Mastodon instance was taken offline when Afghanistan decided the content offended their sensitivities.

Also, com/net/org are less likely to get filtered. For a while, couldn't send a text message to iPhone users if a domain with *.me was included. Some strange filter.