All coding models think they are Anthropic (msai-labs.com)
1 points by sammarvasti 1m ago 0 comments
OpenAI doesn't have the cash to pay Oracle $300B (sherwood.news)
1 points by elmar 1h ago 1 comments
Dotless Domains
202 wibbily 152 5/11/2025, 1:38:00 AM lab.avl.la ↗
ICANN does not define SMTP, and the "relevant quote" from SSAC in the article footnotes mentions nothing about it, either.
In fact, RFC5321 makes explicit reference to the possibility of an email address using a TLD as the domain in section 2.3.5.
I mean.. you can use emoji domains right now. They work most places for email. The part I found didn't work so well is emoji usernames on emoji domains. That has poor deliverability.
ICANN, by the way, heavily discourages such domain names, even though it can't actually prohibit them: yes, RFC 5892 explicitly prohibits emoji code points in internationalized domain names but so what? If registrars allow (and many acually do allow) registration of such names that only means that they violate some RFC and they already violate quite a lot of them. Who cares! Just pay the money and we will delegate you whatever names you want.
http://[::ffff:1.1.1.1]/
Sadly, cloudflare does not.
Some things do definitely try to follow RFC 3986 still, but my feeling is that it’s mostly legacy stuff, and the URL Standard is much more important these days. Though RFCs dealing with URLs will probably still cite it (e.g. RFC 9110, HTTP Semantics, June 2022).
https://url.spec.whatwg.org/#host-parsing, follow step seven.
Huh, in many years of web development I never knew that. Thanks!
IP address p.q.r.s is decimal p256^3+q256^2+r*256+s.
Or maybe in your terms it's 256^(0..3) where you can think of it like each dotted component is a symbol (like 0-9 in base 10) where each component is a position digit. Where the right-most element is the "256^0" ("ones") digit, and the left most element is the "256^3" ("16,777,216s") digit.
Remove the dots and concat the binary value for 1.1.1.1 and you get 00000001000000010000000100000001.
Convert that binary value to decimal and you get 16843009.
16843009
They insist on using the “www.vatican.va” only, and my browser’s autocomplete history reflects this.
It's very common and understandable for folks to conflate the Holy See with the Vatican, but they are distinct entities with two different functions and purposes.
If we're discussing the administration/governance of the Church and the organs which make up the Roman Curia, then we're definitely looking at the Holy See. It's the Holy See, not the Vatican, which is a Permanent Observer to the U.N.
But again, if we're looking at any sort of physical presence, it's the Vatican City State. The actual territory that's an enclave and microstate is the Vatican. It's where people live, work, and worship. "The Vatican" is the entity selected for the ".va" ccTLD simply because of the way the rest of the world works. But only a few of those 2nd level domains can properly be considered more "Vatican" than "Holy See".
https://www.vatican.va/siti_va/index_va_en.htm
https://archive.is/MDRWw
DNS lookup and web browser domain lookup are not quite the same. This is the price of a unified input bar.
I never saw what was wrong with having a URL and a search box in the same bar. It was fine, and I knew that whatever I typed into the URL bar would be treated as a URL.
Fast forward a few years, and URLs I type into the bar are not treated as URLs (internal HTTP URLs get rewritten to HTTPS when a server is restarting).
homeserver -> Google
homeserver/ -> http://homeserver/
Also, a trailing dot would indicate the opposite of what we want - we're using single-label domains that only work if we can rely on search suffixes to qualify them.
I was writing an email validator for my project which I'm so excited to announce soon. And my research (some stackoverflow answers) suggested that, yeah, you can have "a@b" as a valid email, as long as there's a one-letter TLD that can have MX records.
Which it seems there can be!
So my email validator is essentially just /^.{1,}@.{1,}$/ ... yay.
Many years ago I managed to get a cctld owner to point their tld MX records at my smtp server, modified postfix to allow empty usernames (even although the RFC allows them, postfix didn't), and successfully had someone send me email to '@tld', in order to win a bet. :) (And it was a 2-letter tld.)
Then the owner of "@" cannot use my site. I'm fine with that.
However, there is absolutely no technical reason that I can think of that precludes u@x. In the end DNS query -> DNS answer. Given that say, PowerDNS has LUA built in, I can make it respond with "my little pony's stable is in {random_country}" - to A record requests, which might make the requester a little queasy!
Bugger standards, they are so 1990s!
I recently came across the 3.ie domain so I guess that's more of a guideline than rule.
In the mid-90s, 3M was a customer of the ISP I worked for. Unable to procure the domain name “3m.com” they settled for the alternate “mmm.com”: mildly hilarious considering their lines of business.
Tbh though ideally you would use the most restrictive validation that exists in the mail server. If mail server accepts '@tld' you do too.
I have a .blue email address and it's amazing how many sites still won't accept it. I keep a spare Gmail account for these.
You can do quite well at this, if you're willing to not restrict yourself to regexes and commit to some amount of hackery. One system I worked on used a simple regex (just what is described here IIRC - assert the existence of an @ sign), plus did an MX check on the domain, plus warned (not errored) if the domain was within 1 or 2 Levenshtein distance of any of a list of most common email domains (yahoo, gmail, etc). Statistically it seems like we saved people a lot of grief with this simple filtering.
People accidentally typing their name in the email field, stuff like that. I've done that.
The problems with your .blue is obviously completely unrelated to the "email.contains('@')" check the poster is doing.
I keep a Gmail for the same reason.
I tried to add a .wiki link to a Reddit profile recently and their filters also say that domain is invalid.
That's absurd, there's a .wiki that's almost definitely in the top 20 most visited websites in Korea, if not higher.
Documented as "subadressing" in RFC 5233, and the default for both sendmail and postfix, amongst others. As such, often 'accidentially' supported by many mail providers even when undocumented. Google didn't introduce them, nor are they 'unconventional'.
https://www.rfc-editor.org/rfc/rfc5233
Possibly these validators are working exactly as intended and don't want you to know which service sold your email to spammers.
Then again maybe spammers are smart enough to strip of the + from email lists they purchase.
Most of the time they're too disinterested to notice. Oil change places always notice for some reason.
I'll look through my spam foldsr tomorrow and see who's been naughty.
That’s why there is a trailing dot you see in NS records for example.
Technically you can put just hostname for CNAME record. Obviously, any clients that don't have that domain as search domain will fail but for internal domain, you could do it.
I'm fairly old guy who did work with DNS about 35 years before retirement and what I recall from the beginning when I was reading my first copy of DNS and BIND somewhat quite soon it came out -92 I think the second chapter which describes DNS root "A null (zero-length" was already there.
So a FQDN (Fully Qualified Domain Name) well known www.google.com the would be www.google.com."" where between the quotation denotes where the DNS root is shown.
However, resolvers don't recognise that syntax. Don't be fooled by
$ host www.google.com.""
www.google.com has address 216.58.209.164 www.google.com has IPv6 address 2a00:1450:4026:802::2004
from the shell as it removes those double quotes. Using single quotes around shows how that fails and you can check it easily.
$ host 'www.google.com.""'
Host www.google.com."" not found: 3(NXDOMAIN)
The way I learned to understand it the dot in DNS name is (it signifies) the DNS-tree separator, not part of the DNS name. A bit like in some languages (Pascal) use semicolon (;) a sentence separator not an end of sentence like it's in C and many it's practise adopted later.
OK, here's an excerpt from DNS and BIND by Cricket Liu & Paul Albitz, O'Reilly ISBN 0-596-10057-6, Fifth Edition 2006 book which I still have a printed copy in my shelf and shows what I'm referring above.
Chapter 2: How Does DNS Work, page 12, text after Figure 2-1 they write:
"Domain Names
Each node in the tree has a text label (without dots) that can be up to 63 characters long. A null (zero-length) label is reserved for the root. The full domain name of any node in the tree is the sequence of labels on the path from that node to the root. Domain names are always read from the node toward the root ("up" the tree), with dots separating the names in the path. If the root node's label actually appears in a node's domain name, the name looks as though it ends in a dot, as in "www.oreilly.com." (It actually ends with a dot—the separator—and the root's null label.) When the root node's label appears by itself, it is written as a single dot, "", for convenience. Consequently, some software interprets a trailing dot in a domain name to indicate that the domain name is absolute.
An absolute domain name is written relative to the root and unambiguously specifies a node's location in the hierarchy. An absolute domain name is also referred to as a fully qualified domain name, often abbreviated FQDN. Names without trailing dots are sometimes interpreted as relative to some domain name other than the root, just as directory names without a leading slash are often interpreted as relative to the current directory.
... "
I don't have old book copies any more, I've just this one with me.
To me it felt very AOL keyword
They could also cut down on the fraudulent websites out there.
Not sure how to fully implement it but given the safe browsing features already implemented in web browsers it could perhaps be part of that. Or a new TLD.
Curation of "good" or "real" websites has been tried before - I don't envy anyone that wants to try another go at it.
You do realize there are not that many two-letter combinations…? :)
Also I think I blame the daemon in that situation.
Upon informing him that he had forgotten to write the domain, I learned that the site was actually www.com, and he had just left the http://www part off because “the web browser adds that automatically”. I assured him that, while in principle he was more or less correct, but in this case it wouldn’t work. He ended up adding the www, but I could tell he was skeptical that I was just being a smart ass.
You cannot access this site because the owner has reached their plan limits. Check back later once traffic has gone down.
It's funny to refer to these as "dotless" since you still need a dot, on the end, to "canonize" the name and tell your DNS recursor 'hey, stop appending domains to see if you can find this.'
And, our recent history has "Canonized" a new pope, and you could (maybe?) look it up against one of the few dotless global DNS entries, but it's still going to need the trailing dot to tell your recursor that it's a canonical name...
i remember having a conversation w/ paul vixie that he had either set it up (or was presenting it as a thought experiment) that he could have the email address "p@f". and i trust paul knew what he was doing with respect to DNS and RFC822 email.
And then I clicked on the HN to see an archive link and then it worked perfectly.
Jeez, If I am going to build any blog, I am just going to publish to archive.
It seems only a privacy leak tool now.
1000 requests / min @ 10ms limit / request. That's 16 requests per second. Any reasonable CMS, wiki or blogging tool should be able to do one request in 62.5ms. Add on cacheing for non logged in users and nginx serving anything static, that's less than the power a $5 VPS provides.
At these rates, the case for Cloudflare is a lot less than it was.
However:
1. It would run in a single location in the world, whereas Workers (even on the free tier) will run in Cloudflare locations all around the world, close to the end user, reducing latency.
2. If you're going to compare against a $5 VPS, the $5 Workers paid tier is probably a better comparison? It can instantly scale to millions of requests per second.
(Disclosure: I'm the tech lead for Cloudflare Workers.)
As a comparison, that's akin to a person walking 4 km/day vs. flying 4,000 km/day,
It's still not a great comparison as the $5 VPS is already paid for. But to take it as you suggest, I agree it's up to the website owner whether they prefer to have 4km/day workers who can sometimes clone themselves in different parts of the world but only for a limited time until they costmore, or a 4000/day flying suit.
Still a bit apples to oranges.
[1]: https://www.newyorker.com/video/watch/im-not-a-robot
https://medium.com/the-haven/i-am-worried-about-these-newest...
there a fine line between DDOS from bots and 30k real users accessing your site at the same time
cloudflare do not provide resource for the latter
I spent a colossal amount of my childhood and teens playing browser-based games and have zero regrets!
Blog posts don’t change much. Even if your rendering code is horrendously slow (though, why?), you can just cache the resulting html and serve it up with each request. Or slap nginx in front of your web server locally and let that deal with the load. ‘Course you’ll need your http headers set correctly, but you needed that anyway for cloudflare.
Your server has to be pretty badly configured for a personal blog to run out of CPU handling requests.
I wouldn't bet on an average dev being able to set up and configure nginx + Cloudflare correctly.
>Course you’ll need your http headers set correctly, but you needed that anyway for cloudflare
Not if you don't use CF to cache "dynamic" content.
That basically means it starts after the connection was established by the proxy (cloudflare) and terminates before the response is delivered to the client.
Doing the whole round trip within 65ms is actually pretty challenging, even if you are requesting over the wire. It would mean you have maybe 10-20 Ms to query data from the database and process them to html or json. Any kind of delay while querying the database is going to ruin that.
If you had a 65ms in the application, you would probably get a round trip average of something above 90, likely closer to 150 then 90.
If you cache the response yourself (or use nginx), the server should be responding to queries in <1ms.
The message would've been different if it was cached.
https://workers.cloudflare.com/
(I'm the tech lead for Workers.)
[1] https://developers.cloudflare.com/workers/platform/limits/#d...
Most site, on simple page like CMS or wiki should be static. And serving it from cache even a $5 VPS could do a few hundred page view per second, or 1000+ Request per second. I dont believe HN generate these amount of traffic. From previous note on other HN front page page it is actually much smaller than most expected. Something like IIRC 30K to 50K Page views - over the course of 24 hours.
Mind you, at that point you serve more requests slower, before that you don't even notice a latency increase.
Just shows again we really don't need CDN for most things. Just keep it simple.