jwildeboer, (edited)
@jwildeboer@social.wildeboer.net avatar

For many years, DSL/Cable routers by German company AVM, sold under the Fritz!Box brand, did some internal DNS tweaking so that when you typed in http://fritz.box it would lead you to the config page of the router in your network. Now, years later, there actually is a .box TLD (Top Level Domain) and AVM forgot to register the fritz.box domain. Someone else did. And activated Certificate Pinning (HSTS).

UPDATE 2024-01-27: Their dns entries are flaky ATM, sometimes there, mostly not.

mvsde,
@mvsde@mastodon.social avatar

@jwildeboer If you accidentally visit the “real” fritz.box outside the home network, you can’t use that domain inside the home network anymore to access the router admin interface: the “real” website has HSTS enabled and the Fritz!Box of course doesn’t have a valid certificate for the domain.

cy,
@cy@chaos.social avatar

@mvsde @jwildeboer wait till the owner sets the domain on the hsts preload list, then everyone can experience this :-)

byteborg,
@byteborg@chaos.social avatar

@mvsde
You can always fall back to a new handshake or even plain HTTP. HSTS is not magic but just a database entry in your browser.
Btw, what happens when HSTS is set by a server in a plain browser context and the same site is opened afterwards in an incognito context?
@jwildeboer
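To make the mechanism behind the three replies above concrete, here is a minimal model of a browser's HSTS store, added as an illustration and not code from the thread, from AVM or from any browser: one HTTPS visit to the public fritz.box caches a policy, after which http://fritz.box is rewritten to HTTPS, and with includeSubDomains so is every {name}.fritz.box host on the LAN, which the router cannot serve with a valid certificate. Preload entries are consulted the same way, with no visit needed. The header value (including the includeSubDomains assumption), host names and timestamps are constructed.

```python
# Minimal model of a browser's HSTS store, written to illustrate this thread.
# Not Fritz!Box, AVM or browser code; all hosts, headers and times are constructed.
class HstsStore:
    def __init__(self, preload=None):
        self.preload = dict(preload or {})  # host -> includeSubDomains (preload list)
        self.dynamic = {}                   # host -> (expires_at, includeSubDomains)

    def process_header(self, host, header_value, now):
        """Apply a Strict-Transport-Security header received over HTTPS (RFC 6797)."""
        max_age, include_sub = None, False
        for directive in header_value.split(";"):
            name, _, value = directive.strip().partition("=")
            name = name.strip().lower()
            if name == "max-age":
                try:
                    max_age = int(value.strip().strip('"'))
                except ValueError:
                    return  # malformed header: ignore it entirely
            elif name == "includesubdomains":
                include_sub = True
        if max_age is None:
            return  # max-age is mandatory
        if max_age == 0:
            self.dynamic.pop(host.lower(), None)  # the server withdraws its policy
        else:
            self.dynamic[host.lower()] = (now + max_age, include_sub)

    def must_upgrade(self, host, now):
        """True if the browser would rewrite http://host to https://host."""
        labels = host.lower().split(".")
        for i in range(len(labels)):  # the host itself, then each parent domain
            candidate, exact = ".".join(labels[i:]), i == 0
            if candidate in self.preload and (exact or self.preload[candidate]):
                return True
            entry = self.dynamic.get(candidate)
            if entry and now < entry[0] and (exact or entry[1]):
                return True
        return False

    def forget(self, host):
        """The policy is only a cached entry: the user can clear it by hand."""
        self.dynamic.pop(host.lower(), None)

def demo(now=1_706_000_000):
    # One HTTPS visit to the public fritz.box, then http:// requests on the LAN.
    store = HstsStore()
    store.process_header("fritz.box", "max-age=31536000; includeSubDomains", now)
    return (HstsStore().must_upgrade("fritz.box", now),      # never visited: plain HTTP works
            store.must_upgrade("fritz.box", now + 60),        # router name now forced to HTTPS
            store.must_upgrade("printer.fritz.box", now + 60))  # and every LAN client name
```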

jwildeboer, (edited)
@jwildeboer@social.wildeboer.net avatar

A little more background. The box TLD was originally delegated to NS1 Limited, back in October 2016. They sold it to .BOX INC in August 2020. Who in turn sold it to Intercap a few months later, in October 2020. So AVM really had many, many years to find a solution for this problem. Either by registering fritz.box or by changing the firmware of their devices to use, for example, fritz.local or fritzbox.local. Seems it wasn't a priority and this whole thing stayed on the backlog for 7.5 years :)

daniel,
@daniel@social.telemetrydeck.com avatar

@jwildeboer the fact that they didn’t buy the domain boggles my mind!

jwildeboer, (edited)
@jwildeboer@social.wildeboer.net avatar

@daniel I kinda do understand that. With all the new TLDs being pushed out in inflationary ways, it does feel a bit like blackmail that one seems to be forced to "buy" a bunch of domain names with weird TLDs just because. But again, they could have implemented better solutions on their devices that could solve this issue in other ways for many years. They didn't. And that's on them.

mwt,

@jwildeboer it's a good thing that ICANN is planning to reserve .internal for internal use. It would be good to standardize on something.

pemensik,
@pemensik@fosstodon.org avatar

@mwt @jwildeboer internal is too long. Already proposed home.arpa is just one letter longer. I think .lan or .priv would be a much shorter variant.

mwt,

@pemensik @jwildeboer isn't .home.arpa already approved?

The reason .internal is being considered is that it is intuitive. No one could guess what .home.arpa means and it's particularly counterintuitive for any non-home usage.

jwildeboer,
@jwildeboer@social.wildeboer.net avatar

deleted_by_author

    mwt,

    @jwildeboer @pemensik those are fine too. I think .local is already reserved for mdns usage.

    The difference is that internal networks are not necessarily local. You might use .internal within a wireguard network and/or for a corporate intranet.

    jwildeboer,
    @jwildeboer@social.wildeboer.net avatar

    deleted_by_author

    mwt,

    @jwildeboer @pemensik yeah, I've never seen one without a real fqdn. They'll probably continue to do that after .internal is introduced as well because of ssl certs.

    adi,
    @adi@chaos.social avatar

    @jwildeboer
    .local is not the correct TLD for this, .local is used by mDNS. fritzbox.home.arpa is currently safe to use and fritzbox.internal will probably soon be safe, too: https://www.icann.org/en/public-comment/proceeding/proposed-top-level-domain-string-for-private-use-24-01-2024

    larsmb,
    @larsmb@mastodon.online avatar

    @jwildeboer Well fuck, that means I'm going to have to reDNS my entire network (it's also the default internal domain after all).
    I dislike it.
    But I guess I can finally figure out how to use a subdomain of one I actually own ...

    jurgenhaas,
    @jurgenhaas@fosstodon.org avatar

    @jwildeboer
    I was hit by that because my SIP client was silently sitting in the background not being able to connect. Not sure how many incoming phone calls were missed.

    Fixed with local DNS settings, but the fact this was even possible is mindblowing.

    Again, this is always true: it's DNS, if something broke.

    krono,
    @krono@toot.berlin avatar

    @jwildeboer That's funny, I cannot resolve that domain publicly. Its nameservers do not respond o_O

    nahtanoy,
    @nahtanoy@social.tchncs.de avatar

    @jwildeboer

    I guess you will only reach the nft-page if your client uses another (external) DNS server than the Fritzbox on your client.

    If you use the Fritzbox as your DNS server (the box sets itself as DNS server on the client via DHCP in default config) it will first identify itself as 'fritz.box' because these are the box's internal name and domain.

    Every client is named {name}.fritz.box on the local network behind the box.

    Please correct me if I'm wrong here...

    vampirdaddy,
    @vampirdaddy@chaos.social avatar

    @nahtanoy @jwildeboer
    Plus the fritz.box domain is rebind-protected on the Fritz!Box's DNS server.
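The rebind protection mentioned here, sketched as an added illustration (not AVM's implementation): a forwarding resolver on the router answers its own LAN domain itself and passes those answers through, while for any external name it drops records that point into the LAN, so that a page loaded from the Internet cannot later be made to talk to LAN devices under its own origin. The exemption list, the client names beneath fritz.box and all addresses are constructed assumptions.

```python
import ipaddress

# Sketch of a rebind-protecting DNS forwarder, added to illustrate the thread.
# Not AVM's code: the exemption list and every address here are constructed.
LOCAL_DOMAINS = ("fritz.box",)  # answered by the router itself, never filtered

# Ranges an external name must not resolve to on a protected LAN.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16", "0.0.0.0/8",      # loopback, link-local, "this"
    "fc00::/7", "fe80::/10", "::1/128",                # IPv6 ULA, link-local, loopback
)]

def is_local_name(name, local_domains=LOCAL_DOMAINS):
    """True for the router's own domain and any {name}.fritz.box host beneath it."""
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in local_domains)

def is_internal_address(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)  # cross-version 'in' is False

def filter_answer(name, addresses, local_domains=LOCAL_DOMAINS):
    """Return (kept, dropped) as a rebind-protecting forwarder would decide.

    LAN names pass untouched; for every other name the records pointing into
    the LAN are dropped, which is the whole defence against DNS rebinding.
    """
    if is_local_name(name, local_domains):
        return list(addresses), []
    kept = [a for a in addresses if not is_internal_address(a)]
    dropped = [a for a in addresses if is_internal_address(a)]
    return kept, dropped

def demo():
    """Three constructed answers as the forwarder on the router would see them."""
    cases = {
        "fritz.box": ["192.168.178.1"],        # the box's own name (constructed LAN address)
        "update.example": ["192.168.178.1"],   # external name rebound into the LAN: dropped
        "www.example": ["203.0.113.10"],       # ordinary public answer (RFC 5737 range)
    }
    return {n: filter_answer(n, a) for n, a in cases.items()}
```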

    BitWire,

    @jwildeboer
    I guess the registration process explains why AVM doesn't have this domain:

    During launch, .box domains will run through a premium pricing phase, ensuring fair access for everyone. Prices start at $7,680 USDC and then decay exponentially for 6 days until stopping at a fixed rate of $120 USDC. All domains will renew at $120 USDC per year. Domains are minted and managed using the dApp hosted at my.box. Payment is made with ETH or USDC.
    Source/Link:
    https://invezz.com/news/2024/01/18/introducing-box-the-worlds-first-blockchain-native-dns-routable-domain/

    jwildeboer,
    @jwildeboer@social.wildeboer.net avatar

    @BitWire $7680 is considered "fair access for everyone". That crypto world is truly bizarre.

    jozeldenrust,

    @jwildeboer It's a Dutch auction. As auction mechanisms go, especially for non-homogeneous goods, that's about as fair as it gets.

    filid,
    @filid@muenchen.social avatar

    @jwildeboer I fear the day there is a .vpn or a .tld TLD.

    jwildeboer,
    @jwildeboer@social.wildeboer.net avatar

    @filid the fact that the .zip TLD actually exists tells me enough ...
