Bitcoin Forum
January 26, 2021, 03:02:01 PM *
News: Latest Bitcoin Core release: 0.21.0 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: [1]
1  Bitcoin / Bitcoin Discussion / Re: BitDNS and Generalizing Bitcoin on: December 14, 2010, 05:28:23 AM
There is no need to trust ICANN, except for perhaps acknowledging that there are other systems for domain allocation that aren't going to go away and that other people will be interested in using.  I don't see any sort of DNS replacement system suggesting that the ICANN domains should be ignored, merely that they ought to be depreciated with new systems.  The history of ICANN is one of a small group of self-appointed individuals trying to gain control over the resources of the internet for their own personal financial gain.  It also concentrates this authority in such a way that allows governments to exert political influence upon the allocation of domain names for political purposes that have nothing to do with the technical operations of the internet.  One of the points of setting up a peer-to-peer domain allocation system is precisely to get away from this central authority.

There is a sort of libertarian/anarchist bent to the whole notion of creating an alternate DNS system, which is one of the motivations for why this is being set up in the way being described.  Otherwise, I guess you can accept the system as promoted by ICANN.

I think we're on the same page here.  I didn't make it very clear, but my whole "At the end of the day you have to trust ICANN" line was part of the problem statement, so to speak.  I didn't mean to indicate that was something that is just a given, but rather the principle problem that I'm hoping this can work around.

Quote
I quoted Karl Auerbach, a former director of ICANN and a leading computer & software engineer involved in domain registration, who pointed out that there is no need for a monolithic TLD structure.  I challenge this notion entirely as something which is outdated, but that is a debate that can be left to another day.  For me, restricting this to a single TLD or a small group of TLDs is not even necessary and I think anybody registering domains on this system should also be given the option to create some arbitrary TLDs at will too.  The DNS system does not require TLDs to function, and in particular a system with a peer-to-peer domain registration certainly doesn't need TLDs either.

In principle, I absolutely agree.  But the reality of the situation is that people are used to the current system, so eliminating TLDs just increases the barrier to entry.  At this point, most web users have a mental model of how web addresses are formed that pretty much assumes a hierarchical system.  We ignore that at our peril.

Furthermore, allowing arbitrary TLDs effectively guarantees that someone is going to register some of the existing domains.  This is a huge problem in how I envision a system like this being used.  Since I doubt most people are going to just cut themselves off from the existing Internet to live in our corner of the network, the best we could hope for right now is a system where you get DNS names from a DNS server supporting BitDNS, and if it can't find it, it falls back to the existing DNS system.  That works great until you have a conflict, at which point you may end up with a different server then intended.  The beauty of using a new TLD, and forcing everything to fall under that, is that you are implicitly declaring your intention to go to a BitDNS name.  There is no surprise that you went to a server specified in the BitDNS network, since it isn't even valid in the existing system.  And vice-versa for standard names.

When we look at the design of the system, we should definitely allow for the possibility of arbitrary TLDs, since that is clearly a desirable feature in the long-run.  But for now, it makes sense to me to limit TLDs so that this new system could be integrated into existing usage models as seamlessly as possible.
2  Bitcoin / Bitcoin Discussion / Re: BitDNS and Generalizing Bitcoin on: December 11, 2010, 07:43:08 AM
After reading through this whole thread, I've got a couple of comments that I think would be helpful:

1)  Everyone in the thread seems intent on replacing the entire DNS infrastructure in one fell swoop, which I think is the wrong approach.  The real problem with the DNS system as it exists today is that somebody has to own the root.  At the end of the day, you have to trust ICANN.  What the DomainChain/BitDNS system should strictly focus on is establishing ownership of domain names.  All it needs to track is that the holder of Key A owns domain foo.bar.  Once we've established this shared trust, we can support many different DNS infrastructures that can be implemented independently from this project.  Whatever new systems are created use DomainChain/BitDNS to establish which key owns the domain, and only allows that individual to insert records for that domain.  This works out well, since all participants in the system can validate that the record they've looked up is valid.  Right now it is easy to get bogged down in all the details of managing DNS records, when all we need to do is establish a trusted, distributed authority that can form the root of DNSSEC, some new p2p DNS, or whatever.

I'm also thinking this could be used to solve the CA problem with HTTPS, since signing your certificate with the same key would prove that I've reached the correct server.  But I digress...

2)  Limiting the TLDs should be a requirement.  If this system doesn't inter-operate with the existing DNS infrastructure by preventing name collisions, it will undermine the trust you are trying to generate.  Even I'm not sure I'm ready to sign up for a distributed DNS system if someone new can pick up www.mylocalbank.com and cause havok.  I'd humbly suggest .web as the TLD to use, but anything will work as long as it is short and not currently in use.

Right now the focus should be on getting this up and running in a way that doesn't conflict with the existing system.  If this system becomes dominant at some point and needs to tackle additional TLDs, that is a "problem" that can be dealt with then.

3)  Personally, I think expiring domain names are the way to go.  Even with relatively expensive renewals today, there is still a ton of junk out there.  I can't imagine how bad it would be if you owned a domain forever.  It isn't asking much to say that you have to renew your domain periodically to keep it, especially since this shouldn't be the ripoff that the existing system is today.

I'd like to close out by saying that this is really exciting stuff.  I've read a number of different ideas about how to solve the DNS problem, and this is the first one I've seen that could actually solve it (and not just replace ICANN with pick-your-new-benevolent-dictator).
Pages: [1]
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!