This seems like a bit of an abuse problem because of a few factors:
At least in one case, domain owners might not be aware that their domains can be used by others users, and are getting locked out of their own domains (in a rate limit sense)
The rate limit system is being subverted, the effective rate limit for this type of approach is multiplied by a large factor thanks to the availability of domains
The PSL has proven to be an ineffective tool for managing shared domains. Not-so-recently it’s become increasingly impossible to get listed.
I wonder where the best place for this to get addressed is?
How do you mean "shared" and "their domains can be used by others"?
Do you really mean that if I register example.afraid.org (for example) and point the DNS A record to 127.1.2.3, another user can come and point that same hostname to, e.g., 127.4.5.6 ?
Or do you "just" mean, another user can register example2.afraid.org, so the base domain is shared?
If you have a domain osiris.org, and use their authoritative nameservers on their free plan, then I, as an afraid.org user, can use (as in, create DNS records under) az.osiris.org for myself.
If you pay, you can make the domain “fully private”/unshared.
Based on their registration/zone stats and the fact that this issue is coming up, I suspect that many users do not realize that their domains are shared.
Why wouldn't it? Just because you're paying for one thing doesn't mean you want to pay for something else. But this seems like a strikingly misguided (or just plain dumb) "feature" on afraid.org's part.
It's a cost thing that comes up when the domain name reseller is crap, and either does provide an interface at all (they exist for some strange reason) or provide a horrible one. Over 10$ a year sounds small, but it isn't so small when you add up all the about 10$/year and apply conversions into local currencies in much of the world and add in the administrative costs of dealing with the invoicing in small scale commercial settings.
Yes, I know the service does have value and that 10$/y is probably a fair price.
This is the strange part.. Why choose afraid.org for such a thing, when CloudFlare offers free authorative DNS services too? If I had to choose between some strange, unknown sharing-site or a global, well respected and probably well operated free DNS service, I didn't hesitate.
I still don’t get it. When would you need afraid.org? Don’t have most places where you register a domain have their own DNS? I own a handful of domains but never needed to provide my own DNS.
I use the dynamic DNS service because I don’t have a fixed IP at my ISP.
In afraid.org registered free users can set share notify in preferences, which allows you to refuse sharing your domain. It’s not automatic, just respond to a notification email.
Just looking at the registry shows my domain has 5 hosts in use ???
WTF, I’ll find out what this means !!!
Osiris, Letsencrypt does work with afraid.org and has for quite a while (for me).
Basic rule of thumb is separate the operators of your DNS registrar, your DNS name server operator, and your webhost, so one company cannot unilaterally kill your whole stack easily.
@asteroza Well, if this is the only reason I don’t wholeheartedly agree with that. Every part is crucial. So instead of having one point of failure, you now have multiple parties which could do you harm if they wanted to. I’d rather suggest spending a couple bucks more and use reputable services you can trust. Extreme cheap or free services like afraid.org is just the opposite.
From a security point of view it’s true. If that one provider get’s hacked they have everything from you.
