Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Graphics Networking Open Source The Internet X

After Years of Serving X11, X.Org Stands To Lose Its One-Letter Domain (phoronix.com) 140

An anonymous reader writes: The X.Org domain predates the X.Org Foundation. It was used in the '90s as a destination by The Open Group around the X Window System. While many are expecting Mir and Wayland to eventually succeed the X.Org Server, it seems the X.Org/X11 Server may outlive the valuable domain. Thanks to poor management by the X.Org Foundation, they risk losing access to their one-letter domain. Procrastination, paired with not transferring the domain when forming the non-profit foundation, has led to a last-minute mess. They left the domain registered for years to a person who is no longer involved with X.Org — and doesn't want to relinquish it. In the few days until the domain expires, they are hoping for a "Hail Mary." Let this be a lesson for open-source projects to better manage their assets.
This discussion has been archived. No new comments can be posted.

After Years of Serving X11, X.Org Stands To Lose Its One-Letter Domain

Comments Filter:
  • by forgottenusername ( 1495209 ) on Friday January 08, 2016 @05:33PM (#51265519)

    We almost lost our production domain. The original dummkopf who set things up registered it all under his own name and individual email instead of using a role based account. He then was fired for unrelated incompetence. Fast forward to the domain renewal coming up.. charge went to his personal CC.. he disputed the charges.. we would have lost it except by pure dumb luck I was in the middle of a DNS migration project and was auditing/cleaning up the registrar details. It was as last minute as you'd want; expiration was within 12h.

    One of my pet peeves - people who register for services or get licenses tied to their individual accounts.

    • by ickleberry ( 864871 ) <web@pineapple.vg> on Friday January 08, 2016 @05:51PM (#51265651) Homepage
      Used to work for a hosting company and seen it happen all the time. With actual malicious intent a lot of the time - two guys start a business and one of them runs away, has the domain in his name and starts sending mails to the guy still running the business saying "~haha~ you can't have the domain!!". Other times the guy running the business just has a falling out with his IT guy. Real childish carry on, you'd think these guys were old and wise enough not to carry on like this.

      Another time we had this 18 y/o guy who made sites for people and the domains were registered to his account but not under his name - the fool threatened to take the site down and keep the domain if she wouldn't go out with him
      • Used to work for a hosting company and seen it happen all the time. With actual malicious intent a lot of the time - two guys start a business and one of them runs away, has the domain in his name and starts sending mails to the guy still running the business saying "~haha~ you can't have the domain!!". Other times the guy running the business just has a falling out with his IT guy. Real childish carry on, you'd think these guys were old and wise enough not to carry on like this.

        Another time we had this 18 y/o guy who made sites for people and the domains were registered to his account but not under his name - the fool threatened to take the site down and keep the domain if she wouldn't go out with him

        You know what makes them grow up real fast? An injunction from a court of law.

    • by Midnight Thunder ( 17205 ) on Friday January 08, 2016 @05:56PM (#51265695) Homepage Journal

      The challenge is that a number of companies don't have the notion of role based accounts, so when you are faced with registering something of the sorts, it is a challenge trying to work out the best way to do this, without tying the account to a transient entity (any employee or physical resource is transient).

      Companies that don't have the notion of aliased accounts or special account types for this purpose are just asking for issues.

      • Companies that don't have the notion of aliased accounts or special account types for this purpose are just asking for issues.

        And how exactly is a company supposed to make an aliased email account to register its domain, if it doesn't yet own its own domain?

        A lot of us older IT folk were forced to register the company's domain in our name using our personal funds because our managers were clueless about the Internet at the time. It was either spend (waste) dozens of hours over several weeks or months t

        • by mysidia ( 191772 )

          Well, the answer is you list multiple contacts on the domain registration.

          ONE of the contacts' e-mail address should be on a domain that is NOT the same as the domain being registered; However, the E-mail account should be documented, owned and controlled by the company.

      • Even worse are vendors that forbid and actively try to prevent the use of generic accounts. bobsmith@ is quite a busy guy. He's the contact for like 6 companies.

    • by TapeCutter ( 624760 ) on Friday January 08, 2016 @06:05PM (#51265757) Journal

      get licenses tied to their individual accounts

      This is a partly corporate accounting problem, every time I have been given permission to buy software on behalf of a company they have asked me to do it with my CC and put in an expense claim. It's always the responsibility of the project/department head to manage license compliance/renewals, sucks to be them if they don't keep the license/renewal details I give them. Keeping a domain name you registered in good faith on behalf of someone else is just being a dick.

    • Did that in work to pay for a bit of software for the company website, since the vendor used paypal and the company credit account already had a paypal account associated with it - which was innaccessible for *reason that doesn't matter*.

      Didn't realise the plugin would be tied to my personal email until after buying the bloody thing.

    • by Kjella ( 173770 ) on Friday January 08, 2016 @06:19PM (#51265863) Homepage

      If said person was a founding member with an actual stake in the company, I wouldn't be too hard on them. I was part of a start-up and in the beginning it's all about making a profit and taking whatever shortcuts you can. If you get caught up in doing things "proper" and planning for when you have hundreds or thousands of employees you're probably not going to get there. Early Microsoft was hardly perfect but Gates ran with it. Early Oracle was hardly perfect but Ellison ran with it. Early Facebook was hardly perfect but Zuckerberg ran with it. Worrying too much about growth pains means you lose sight of the growth being the hard part and the pains the easy part. If you're just "an employee" and do things with your personal accounts then yeah, you deserve what's coming to you.

      • by forgottenusername ( 1495209 ) on Friday January 08, 2016 @06:44PM (#51266029)

        I guess. Lately I think the real difference between a seasoned engineer and a "senior" engineer is just taking that extra 10% of time to do things vaguely sensibly up front. There is no such thing as temporary. At the least, set things up so refactoring them later doesn't require a total redo.

        This guy in particular was just in way over his head but one of those sorts who is paranoid about admitting that or asking for help. In fact he was hostile to help. Not really part of my original point but he'd do stuff like;

        - ignored my advice to not tie production services into corporate domain (if you ever get sold/acquired etc, you understand)
        - ignored my advice to not create a "split domain" with the corporate domain (eg the windows domain was companyname.com, the windows dns servers thought they were SOAs but that same domain had actual internet resolvers with different records)
        - refused to entertain the notion that linux was production ready (this was in 2009) and forced solaris as a standard. On x86. As vmware VMs.
        - refused to take any help or assistance in installing the base OS despite being a windows guy with zero unix knowledge. We ended up with stuff like DB servers that had 2x swap as ram.. and they had 128G ram..
        - For some odd reason was very hostile to the notion of service/host monitoring.. like.. not just against nagios but _anything_

        The list goes on and on.

        He was just really promoted way above his experience level as happens in startups; they hired me probably 8 months after him, when production databases had been wiped and backups hadn't been successful for months (back to the no monitoring thing).

        It took a bunch of years to fully undo all the crap he had put in place. I danced a jig when I closed the lights on the datacenter he had built (we migrated). Did I mention in that datacenter, he setup "redundant" switches and firewalls for the servers.. but had all the internet drops coming down into one single unmanaged 1G cheapie netgear entry level switch?

        If he had allowed me to help I bet he'd still be working there. I have no problems mentoring people as long as they're not asshats. Last I heard he was in law school after a stint in real estate..

        • by KGIII ( 973947 )

          You know, I want to say you're full of shit and making that whole thing up BUT, sadly, I've read Slashdot (and seen enough of your posts) to the point where that doesn't even really surprise me any more and I completely believe you. I am so glad that I owned the business and that we got started as early as we did but, more importantly, I'm so friggen happy that I sold and got out when I did.

          This sort of stuff is just mind boggling. I don't even understand how that happens. The very first thing I did when I

          • > How does that sort of shit even happen? Who the hell promoted this person? Why?

            A lot of the problem is the business side almost always knows nothing about the tech side or (bigger problem) who to trust and who is full of it. They're generally the sorts who can barely keep their own workstation under control. So you run into a few problems.

            1) There's a shortage of qualified tech people who have been around long enough to avoid some of the common problems
            2) The people ultimately responsible for hiring an

            • You missed a vital clue.

              especially in companies that are just starting up cash flow is a big friggin deal.

              The cheapest solution no matter how badly conceived is always the best solution as long as it is functional.

              This is the difference between tech guys and business guys. business guys always think about the money and cash flow first. We have $X,XXX dollars we need something that can do HHHHH. to do HHHH properly will cost $XX,XXX. yea but we can't afford that so we have to make do with this.

              remember ju

              • It's a good point but following some sort of vaguely sensible process and best practices (as nebulous as that can be) doesn't cost any money. Like, it doesn't cost any money to create role based accounts for service/license management, bring up systems in a clean repeatable way, implement monitoring etc. Most of my career has been around open source software which is free licensing fee-wise. I think you need qualified engineers regardless if it's OSS or not so the argument of "we need vendor support!" never

          • I'm imagining myself way over my head in a new job I wanted to keep, and being a bit less scrupulous. I can easily see myself doing things like that. Bringing competent people in would make it obvious I wasn't, and shouldn't be paid at that level. I'd be frantically learning, and I'd miss a lot of things (like exactly what redundant network connections mean).

            • by KGIII ( 973947 )

              Hmm... I'd not thought of that. I dunno though... LOL You're kind of old and have a moral compass now. ;-) It'd probably have to be a job you /really/ wanted. I'm going to pretend you'd never do such a thing.

              I guess I'm just not creative enough because, sadly, that never crossed my mind. Yet, I bet it'd work in a number of places. It's like the adage about the two guys out bear hunting. I don't have to outrun the angry bear, I only have to outrun you.

              Then again, I did lay out a decent plan for how BBC would

              • I'm pretty good at thinking of evil things, and I like putting myself into situations so I can understand what likely goes through evildoers' minds, but I'm not sure I could actually be evil in that way.

                One of the things I like here is there's a lot of diversity in experience and thinking.

        • by ruir ( 2709173 )
          Sadly, I have seen it happen too. I had to be flown over to a sister company in another country with the same ERP software of us, after a major snafu (newspapers and all) to automate some processes that were already automated in our side. The process was being done by 6 people by hand who had no whatsoever interests in that it worked well, because they were deceiving my counterpart, and running a business on the side. Never understood why the resident guy did not take my help , insisted in developing his
          • by ruir ( 2709173 )
            (slashdot could use a 1 minute edit-window. I hate seeing english mistakes and not being able to edit the message)
    • Re: (Score:3, Insightful)

      by Anonymous Coward

      You call him a "dummkopf", but I know several cases where some "dummkopf" was the reason why a domain existed at all and not just some third party lock-in URL, and despite several attempts to transfer the domains to a role account, the projects would have sooner let the domains expire than take responsibility of them. It's always a mixture of not caring about things that seem to take care of themselves (thanks to the "dummkopf" paying out of his own pocket) and organizational red tape which makes these thin

  • by dslauson ( 914147 ) on Friday January 08, 2016 @05:36PM (#51265543) Journal
    So, the guy whose name is currently on the registration (Leon Shiman, from what I've gathered) doesn't want to turn over the domain, but also isn't going to renew it? Is he being uncooperative on purpose? I know he hasn't been involved for years, but is he being antagonistic, or can they just not get hold of him, or what? It seems like this should be relatively simple to clear up, so what am I missing?
    • by Volanin ( 935080 ) on Friday January 08, 2016 @05:42PM (#51265599)

      The synopsis is misleading. There is nothing like this in the article. It mentions that Leon Shiman is the current registered owner, but everything else is being kept private for the moment. He being uncooperative is just as likely as he being unreachable for contact for some reason. We'll find out in the next 11 days.

    • This. TFA doesn't give any of the soap opera juicy bits. Is he asking for money? Can they not find him? I work for a nonprofit and the 'genius' who purchased all of our domains originally used a personal Gmail account as opposed to a corporate account. It was a nightmare to clean up and took me a good 3 months to coordinate it all. My org had him on retainer in case I needed his help when I first came in. I used this and many similar (and some significantly worse ) examples to get them to drop the contrac
    • by mysidia ( 191772 ) on Friday January 08, 2016 @05:46PM (#51265629)

      Yeah.... I don't understand. You do not need a registrant's consent to pay for a domain renewal.

      One of their fans should just pay the bill on his behalf.

      Also, unless they have gone out of their way to set a registry-level lock on the domain clientRenewProhibited, then most likely ANY domain registrar could technically send an EPP request to renew the domain for 1yr, and just pay the bill.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Here's the current locks:
        Domain Status: clientDeleteProhibited https://www.icann.org/epp#clientDeleteProhibited
        Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
        Domain Status: clientUpdateProhibited https://www.icann.org/epp#clientUpdateProhibited

      • by zyklone ( 8959 )

        That's how we did it back in the olden days around here.
        This was a fun day when Microsoft let passport.com expire, luckily some slashdoter renewed it for them.

        https://web.archive.org/web/20140921073357/http://slashdot.org/articles/99/12/25/114201_F.shtml#40

      • by Anonymous Coward on Friday January 08, 2016 @08:08PM (#51266423)

        I have seen this before with other open source projects. Members of the project who are developing suddenly get very paranoid of the guy who has been footing the bill for their domain or services. Even if the guy has been trustworthy and a friend of theirs for years and it has been genuinely helping the project. Something happens, like a renewal is filed at the very last minute or they receive threats from an outside party to hijack their domain. Sometimes nothing happened to trigger it.

        Usually, the threats are unfounded, but paranoia and name calling sets in. People accuse the fella paying the domain host, or they're rude to him. Then some random member just demands he hand over the domain. He doesn't know if he can trust that person to handle it properly, or they aren't willing to pay for the control because let us face it they're pinko communists. This creates a lot of contention between the members and their benefactor. It recently happened at cyanogen, they're even threatening to sue the guy even though he handed over everything.

        And, this psychological effect seems to extend beyond just domain control, for example Mozilla biting the hands that feeds them i.e. Google. They were being given something like roughly 80 million every year for making a free browser, and then they were telling people to switch to Bing and refusing to support Google video or image standards. Google kept funding them until recently, even though Mozilla held such contempt for them.

        Many other examples exist I'm sure.

        • I have seen this before with other open source projects. Members of the project who are developing suddenly get very paranoid of the guy who has been footing the bill for their domain or services.

          There is some truth to what you're saying, just like there is some truth about the other side as well.

          Some people make it a point to get a domain name under their own personal name, and personal credit card, even when asked not to do so initially by the leaders of the project. After all, among developers (and outside of university students who can be broke), people in Technology can usually afford the domain name registration fees, so this action is really not about money. It's usually about control.

          During

      • It's only possible for the current registrar to renew the domain over EPP. However, .org domains auto renew at the registry, so the registrar must send an explicit DomainDelete command within the renewal grace period (about 30 days after expiration). Most likely if the registrant fails to renew within that period, they will sell/auction the domain instead of deleting it.

    • by Todd Knarr ( 15451 ) on Friday January 08, 2016 @06:56PM (#51266109) Homepage

      Yeah, someone's just trying to make drama where there isn't much. Shiman's using his own email for the contact email, and possibly his own personal phone numbers, but the registrant name is "X.ORG Foundation, LLC". Probably all it is is X.org doesn't have the credentials for the registrar account to manage the domain themselves, so they'll need to jump through the hoops with NetSol to prove they're really X.org and get the domain moved to their account. A copy of the letters of incorporation should do the trick, and accompanying it with payment should get NetSol to extend the registration while this is being cleared up.

      Part of this I blame on the registrars who don't make it obvious how to set up a domain so that several registrar accounts can manage/access it, or who don't provide a way to register a domain with a new account owning it and yours just being assigned to manage it.

  • by Anonymous Coward

    The whois, though showing leon's email, looks to have the XOrg foundation as the registrant, tech, and admin name.
    Surely that's enough for network solutions to say that it's clearly the intent that it's the XOrg foundation that owns it rather than the individual?

    • by Anonymous Coward
      Hey now, don't let the facts get in the way of trying to create a juicy drama.
  • Big deal (Score:3, Insightful)

    by Anonymous Coward on Friday January 08, 2016 @06:07PM (#51265785)

    Yes, he's listed as a contact but it's registered to "X.ORG Foundation, LLC". They just need to contact networksolutions. tell them the sob story and jump through the hoops (they may need to show incorporation docs) to prove they are actually the X.ORG Foundation. I've successfully done this for a client in the past. Maybe times have changed since then.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      As explained in TFA, ""The domain is currently registered in the name of X.Org Foundation LLC, which the foundation dissolved when forming the 501(c)3 organization."

      • by Anonymous Coward

        It may seem counter intuitive but a dissolved organization still exists, at some level, so that it can take care of business such as this.

      • Re:Big deal (Score:5, Informative)

        by Dredd13 ( 14750 ) <dredd@megacity.org> on Friday January 08, 2016 @06:41PM (#51266013) Homepage

        Having been through a similar rodeo, it's just a matter of showing a different set of paperwork that shows "when orgA dissolved, all of its assets were transferred legally to orgB", at which point any representative of orgB has the same power over it because it's a transferred asset which just hasn't had some paperwork corrected at the registrar.

      • by borcharc ( 56372 ) *

        Whatever the name of the 501(c)3 is, is not the successor in interest to X.Org Foundation LLC. This is a trivially simple matter to resolve that exists all over corporate law.

    • by rajugo ( 4401767 )
      yes for each and every change in registration or change in registration have to tell a lob lob story and then give the necessary doc to them fro the change. this is my company where i found some troubles like this and shifted to blogger. http://www.realestategroupsrev... [blogspot.in]
    • They just need to contact networksolutions

      ahhahahahahahahhhhaaaaahahaaaaaaahahaha

  • by Anonymous Coward on Friday January 08, 2016 @06:12PM (#51265813)

    I'm seeing a lot of comments along the lines of "ah stupid morons, so incompetent to register a client domain using your personal credentials" which tells me these people have not worked a lot in the real world.
     
    I can think of 5 separate occasions where I saw that the CEO, CTO, COO, CO-whoever is in charge couldn't be bothered to come up with the correct credentials or a company account to set up a simple domain for their clients. These aren't mom-and-pop shops-- major ad agencies do this all the time, movie and media companies are slightly better.
     
    Out of desperation, either you set it up yourself, or it doesn't get done and you get fired. Explaining the legality, fragility, and idiocy of this to the people in charge of credentials is pointless-- all they hear is "blah blah blah I won't do what you want me to do"
     
    One place I worked at EVERY TWO YEARS there was a major scramble to get a long-departed tech guy to renew a domain. Each time this happened, the day always finished thusly:"OK, let's never do that again. Give me company credentials and a billing account and I'll set this up to auto-renew".
    "Sure, send me an email about it tomorrow, I gotta go play some golf".

  • Using that instead would certainly boost the number of visitors by a magnitude... ;-)
    • Using that instead would certainly boost the number of visitors by a magnitude... ;-)

      Or, more appropriately: xxxxxxxxxxx.org

  • 1998 wants its' concern over "cool" TLDs back.

    Sure, it's an organization pain for a minor number of services, but it's hardly a travesty that warrants any coverage.

    • Fair point. X.computer would be more applicable to them now, anyway, but you're right: domains don't mean nearly what they used to thanks to search engines.
  • by weave ( 48069 ) on Friday January 08, 2016 @07:59PM (#51266385) Journal
    So if isn't registered, would it become unavailable for someone else to grab? Most other one letter com, orgs, and nets are reserved. Only a few are grandfathered in, like x.org.
  • According to the article the x.org domain was registered to X.Org Foundation LLC, which got dissolved when the 501(c)3 organization was created.

    But some organisation (presumably the 501(c)3 organization) must be the legal successor to the Foundation LLC. If they are not able to get the registration renewed just because the PERSON who wound up in the administrative/registration contacts doesn't approve it, then any employee that is in that contacts for any company could hold the companies domain registrat

In practice, failures in system development, like unemployment in Russia, happens a lot despite official propaganda to the contrary. -- Paul Licker

Working...