I think it's particularly interesting that the US use .gov and not .gov.us (as a Brit). I'm sure there are oversights on who can acquire an inherently international .gov domain, but for example here in the UK .gov.uk domains have a strict application process [0] managed by central government.<p>It just seems to me that it would be more secure, and more reassuring to citizens and visitors that they are on the correct site it's under a cctld that's clearly affiliated to and managed by that government.<p>0: <a href="https://www.gov.uk/apply-for-and-manage-a-gov-uk-domain-name" rel="nofollow noreferrer">https://www.gov.uk/apply-for-and-manage-a-gov-uk-domain-name</a><p>--<p>Edit: turns out .gov is exclusively for the US, not sure I feel good about that, particularly as <i>.com and .net are very much not just for the US</i>.<p>The possibility of the US government creating a .gov specifically to confuse uses in a foreign country isn't ideal.<p>I get it, you invented the internet, but the special status you have over it is a little frustrating.<p><a href="https://www.whitehouse.gov/wp-content/uploads/2023/02/M-23-10-DOTGOV-Act-Guidance.pdf" rel="nofollow noreferrer">https://www.whitehouse.gov/wp-content/uploads/2023/02/M-23-1...</a>
I went through the process of registering a .gov domain recently and it definitely takes a couple of months. It requires a letter of intent, wet signatures from elected official(s) on official letterhead, a phone call to a publicly listed number of an elected official, 2FA enrollment for the management of DNS/WHOIS, and a period of time in between some of these steps for some behind-the-scenes verification to take place. Despite the many steps, I did find it relatively straightforward and appropriate given the exclusivity of the TLD. In fact, the most difficult part (that I'm still working through) is convincing management that we should make the full migration to the .gov now that we have it registered...
Briefly scrolling through the the list for really weird ones and “ war-on-pineapple.com” jumped out at me.<p>Turns out it’s not a USDA campaign, but is associated with a CISA campaign to explain foreign influence operations focused on divisiveness.<p>CISA produced a quite good one pager: <a href="https://www.cisa.gov/sites/default/files/publications/19_1008_cisa_the-war-on-pineapple-understanding-foreign-interference-in-5-steps.pdf" rel="nofollow noreferrer">https://www.cisa.gov/sites/default/files/publications/19_100...</a><p>Sadly the domain is inactive, but they helpfully included an archive.org to show some of the additional content (how the CISA director executed a pineapple op on Twitter):
<a href="https://web.archive.org/web/20190726194709/https:/twitter.com/CISAKrebs/status/1154462806311235584" rel="nofollow noreferrer">https://web.archive.org/web/20190726194709/https:/twitter.co...</a><p>And for the record- pepperoni pineapple jalapeño pizza is delicious.
Interesting related thing from India: the official TLDs as per the guidelines are .gov.in and .nic.in, and both are registered as a public suffix (legacy, from when the list was created).<p>However the government created a separate Section 8 company called Digital India corporation that runs a separate group of websites for Citizen Outreach called MyGov, which runs a separate subdomain for these: mygov.in. Unfortunately, they haven’t gotten around to registering it as a public suffix, so there are concerns around security (cookies are shared between completely separate sites). The public suffix list doesn’t accept contributions without authorisation anymore, so it’s unlikely to be fixed.<p>There’s also the interesting case of some government sites preferring .org.in to showcase independence from government interference- RBI, for eg (the central bank) runs at rbi.org.in.<p>I wrote a few more findings when I created a list back in 2020: <a href="https://twitter.com/captn3m0/status/1301613472615030784" rel="nofollow noreferrer">https://twitter.com/captn3m0/status/1301613472615030784</a>
I’ve always thought it was weird that the Canadian federal government uses canada.ca almost exclusively. You see a lot of<p><pre><code> https://service-service.canada.ca/sign-up-sinscrire.aspx
</code></pre>
.ca is open for registration by anyone, and people are used to seeing that TLD. Combine that with the bilingual super long domain names and every once in a while you’ll see a phishing scam like:<p><pre><code> https://service-service-canada.ca/sign-up-sinscrire.aspx
</code></pre>
CIRA could set up a .gov.ca second level or something if they really wanted to keep the .ca, but I don’t think that will happen at this point.<p>It’s at least consistant in looking like a phishing scam!
<a href="http://war-on-pineapple.com" rel="nofollow noreferrer">http://war-on-pineapple.com</a> is purportedly owned by the Department of Homeland Security. It’s a dead link, unfortunately. What a curious domain!<p>[0]: <a href="https://github.com/GSA/govt-urls/blob/main/2_govt_urls_federal_only.csv">https://github.com/GSA/govt-urls/blob/main/2_govt_urls_feder...</a>
Interesting to see both the Minnesota House of Representatives and State Senate using the ccTLD of Mongolia.<p>[0] <a href="https://www.house.mn" rel="nofollow noreferrer">https://www.house.mn</a><p>[1] <a href="https://www.senate.mn" rel="nofollow noreferrer">https://www.senate.mn</a>
I got an official email from New York State's Office Of The Comptroller with a link to osc.state.ny.us. It came from an email address @osc.ny.gov. I don't understand why they couldn't use an official TLD in the URL too.
The most egregious of these to me is moneyfactory.com (the Bureau of Engraving & Printing).<p>It reads as very low-rent considering it's the printing press of the US Dollar. If they reached out to me I'd think it was a weak scam.
[makes an authoritative list of non gov federal sites so you know you can trust them even though they’re not at dot gov]<p>[puts that list at a non dot gov website]
“annualcreditreport.com” is in the list but it’s not a government website. It’s run by a lovely alliance from equifax/transunion/experian, asking you to check the info they hold on you to avoid other people stealing money from banks.
Very odd indeed. In Australia, government departments almost always use .gov.au unless there are exceptional reasons. In the States, it is .[state].gov.au, eg .nsw.gov.au.
Here are all domains, extracted:
94
army
as
biz
cc
cfm
ch
cn
co
com
com
de
Domain name
edu
gov
gu
helenapj
htm
info
int
io
me
mn
mobi
mp
ms
net
nl
online
org
org
pr
sc
tips
travel
tv
tw
us
vg
vi
wiki
ws
xyz
Gov is a horrible because it is exclusively for US.
It would be better if all governmental intitutions in the world could have a gov domain. Much better trust and verification
It’d be more interesting to see a list of sites that end in .gov but aren’t government associated. I feel like the creation of such a site would involve some inside connections and shady backroom deals.
Sort of funny that the README never mentions <i>which</i> government they're talking about. Classic USA trying to make sure everyone knows they're the most important country in the history of planet Earth