MEDIA: ICANN rejects .xxx domain
Simon Waters
simonw at zynet.net
Mon May 15 07:51:27 UTC 2006
On Friday 12 May 2006 23:47, Barry Shein wrote:
>
> > The namespace *was* flat, once. That didn't scale, and not just
> > because of technical limitations -- the fact that there are only so
> > many useful combinations of 26 letters in a relatively short name had
> > some weight in there too.
Fortunately unicode has rather more than 26 letters, even the DNS allows
rathers more than 26, except for the first character of a hostname.
> > So hierarchical naming was standardized
> > (some forms of nonstandard hierarchy existed before then), and it's
> > unlikely we're going back anytime in the foreseeable future.
>
> But there's no technical advantage of a hierarchical system over a
> simple hashing scheme, they're basically isomorphic other than a hash
> system can more easily be tuned to a particular distribution goal.
Amazing how many experienced people seem to be saying this isn't possible,
given there are already schemes out there using flat namespaces for large
problems (e.g. Skype, freenet, various file sharing systems). Most of these
are also far more dynamic than the DNS in nature, and most have no management
overhead with them, you run the software and the namespace "just works".
I looked at a couple of these, and sneezed out a new system for a friend in a
couple of hours, when he needed one, without great effort, the main thing was
to avoid known pitfalls. So far it seems to work.
However I think the pain in DNS for most people is the hierarchy, but the
diverse registration systems. i.e. It isn't that it is delegated, it is that
delegates all "do their own thing".
I've always pondered doing a flat, simple part of the DNS, or even an overlay,
but of course it needs a business model of sorts. The main motivation was
security, as currently the DNS model lacks PKI, and it doesn't look as if any
amount of reworking the existing protocols is going to provide a suitable
security framework soon, unless you count HTTPS/SSL and that still doesn't
handle virtual hosting, and adds yet more management overhead in a
hierarchical trust model.
I wouldn't have fancied doing any of these things when the DNS was conceived,
but both hardware and software have moved on enormously. Eventually these
technologies will be replaced, and if it isn't done in an open and shared
manner, the technologies will be replaced by proprietary systems.
More information about the NANOG
mailing list