I've written before about the moribund BIMI specification. It's a way for brands to include a trusted logo when they send emails. It isn't much used and, apparently, is riddled with security issues. I thought it might be fun to grab all the BIMI images from the most popular websites, so I can potentially use them in my SuperTinyIcons project. BIMI images are SVGs. Links to a site's BIMI are stored in a domain's DNS records. All BIMI records must be on a default._bimi. subdomain. If you run …
Continue reading →
You type in to your browser's address bar example.com and it automatically redirects you to the https:// version. How does your browser know that it needed to request the more secure version of a website? The answer is... A big list. The HTTP Strict Transport Security (HSTS) list is a list of domain names which have told Google that they always want their website served over https. If the user tries to manually request the insecure version, the browser won't let them. This means that a…
Continue reading →
More on my experiments with silly Punycode domain names. http://↑↑↓↓←→←→ba.tk/ Yup, copy and paste that into your browser and it will resolve. (more…) …
Continue reading →
How should I design my personal DNS for all the cool new Federated Services and IndieWeb protocols? Way back in the early 2000s, I started this website - shkspr.mobi. A few years later, I added a blog. I could have used the main domain, or created a subdomain like blog.shkspr.mobi. In the end, I chose a subdirectory of shkspr.mobi/blog I don't know if that was the right choice back then, but it is looking like the wrong choice now. I want to be a "first class" citizen of the Fediverse. I…
Continue reading →
You know how it is, you buy one silly domain name and then you get an idea for loads more! A few weeks ago, I got https://⏻.ga/ - I think I'm the first person to get a domain name which uses a glyph from the Miscellaneous Symbols Unicode block. How exciting! And that got me wondering… what other abuses of the Punycode algorithm can I whack into DNS? Well, here's some I whipped up using FreeNom - they offer free domain names on the .ga TLD (and a few others) and are very liberal in accepting P…
Continue reading →
I'm concerned about the longevity of the domains I register. I want my domains to be available for as long as possible. But it seems that every year prices rise - and the discount often provided for a new domain rarely continues into subsequent years. So I recently started renewing them for as long as possible. It turns out that most domains can be registered for a maximum of 10 years. A typical .uk domain will set you back the thick end of a hundred quid if you want it for a decade! Can I…
Continue reading →
You've been on the Internet a long time, right? Of course you know what BIMI is. All the cool kids do. But, for those of you who aren't hip to the jive of the Infobahn... BIMI (Brand Indicators for Message Identification) is a new standard that can curb the issue of online impersonators. ... BIMI is a new standard that enables you to include your company’s logo alongside the emails you send. That way, your brand stands out among other emails, and your customers are sure that the emails are l…
Continue reading →
As part of my new job, I'm learning a lot more about the mysteries of the Domain Name System than any mortal should know I thought possible. The humble unix dig command allows you to query all sort of DNS information. For example, to see name server records for the BBC website, you can run: dig bbc.co.uk NS Which will get you: ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35614 ;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 17 ;; OPT…
Continue reading →
It's useful to share negative results. Not every experiment has an amazing or successful outcome. tl;dr you can't register Punycode .ss domains. This also means Internet users in South Sudan can't register domains using their own writing system. Background The Republic of South Sudan became independent and joined the United Nations back in 2011. A decade later, and it's now possible to register .ss domains. Partly due to the history of the letters SS, and partly because of the way domains…
Continue reading →
tl;dr you have to keep complaining to Virgin for several months and then take them to the Communication & Internet Services Adjudication Scheme then complain to their Data Protection team by contacting them on LinkedIn. Background Virgin have a spammy DNS hijacking service. If you accidentally misspell a domain - for example example.coom - Virgin will pretend that the domain exists and serve you up an advertising page. Yahoo powered! Yeuch! This means my data is sent to these advertisers…
Continue reading →
tl;dr Google forgot to renew a domain used in their documentation. It was mildly embarrassing for them. And possibly a minor security concern for some new G-Suite domain administrators Background Choosing a good example domain, to use in documentation, is hard. You want something which is obviously an example, so that users understand they have to substitute it for their own details. But it also needs to be a validly formatted domain, and shouldn't be used for anything important, and -…
Continue reading →
Unicode contains a range of symbols which don't get much use. For example, there are separate symbols for TradeMark - ™, Service Mark - ℠, and Prescriptions - ℞. Nestling among the "Letterlike Symbols" are two curious entries. Both of these are single characters: Telephone symbol - ℡ Numero Sign - № What's interesting is both .tel and .no are Top-Level-Domains (TLD) on the Domain Name System (DNS). So my contact site - https://edent.tel/ - can be written as - https://edent.℡/ And the Nor…
Continue reading →
