America takes over DNS

michael.dillon at bt.com
Mon Apr 2 11:23:43 UTC 2007


> > It is probably time to start looking at alternative naming
> > systems. For instance, we have a much better understanding of P2P
> > technology these days and a P2P mesh could serve as the top level
> > finder in a naming system rather than having a fixed set of roots.
> 
> The only serious (?) proposal I've seen until now, CoDoNS
> (http://www.cs.cornell.edu/people/egs/beehive/codons.php), uses
> DNSSEC, so it has the same dependency on the US government.

My message was not an encoded support message for any specific product
or implementation. If anything, it was a call for research help. I
realize it is not a short-term fix, but a problem like this needs to be
attacked on many fronts at once.

> > better understanding of webs of trust that we could apply to such a
> > mesh. 
> 
> You mix up *resolution* of names (which could be done by a P2P mesh
> like CoDoNS, replacing the root name servers) and *registration* of
> names, which have to be hierarchical if you want to preserve unicity
> of names. And this is the important point of control (the root name
> servers are not controlled by the US government, unlike the
> registration root).

If there is a P2P mesh holding pointers to servers which provide
namespace resolution, then you have a trust issue. How do you know that
you can trust the part of the P2P mesh that you are talking to? How do
the mesh members trust each other? This is where the web-of-trust
approach is useful. Once such a mesh is in place, you no longer need the
root of the hierarchy to be rigidly controlled by a single entity. It
could be managed by some sort of confederation, rather like IP
addressing is controlled by the RIRs, IANA and the NRO. It is the rigid
control of the root of the naming hierarchy that leads to the single
point of failure issue.

And in fact, unicity of names is an illusion. It certainly does not
exist in the real world and it does not exist in DNS unless you take an
extremely narrow technical view. For instance, what about all those
tasting domains that contain amazon or ebay in the name? Or in Russia
where Cyrillic domain names are sometimes transliterated to ASCII
characters using a French-based system (e.g. Iouri) or transliterated to
ASCII using an English-based system (e.g. Yuri) or translated to
English (e.g. George). But in the .ru registry, three independent
entities could register iouri.ru, yuri.ru, and george.ru. Not to mention
the fact that Russian domain names are often printed as .py in
advertising, which happens to be the TLD for Paraguay.
 
> So, you've not solved the problem.

I never claimed to have solved any problem. In fact, I think my message
was more a statement of requirements than a solution.

If the researchers manage to come up with a workable system for multiple
namespaces as a result, then so much the better. DNS may not be forever.

--Michael Dillon.
