Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership | k5 store

[P]
An Immodest DNS Proposal

By Arkady in Culture
Thu Jun 01, 2000 at 10:45:30 PM EST
Tags: Internet (all tags)
Internet

We all have issues with what the DNS has become over the last few years or, to be completely accurate, I've never actually spoken to someone who didn't have any issues with it. I would like to lay out what I see as the largest problems, explain how I think they are intrinsic to the current structural arrangement of DNS and propose an immediately available solution.


So, for K5 readers, I probably don't need to go too deeply into descriptions of what's wrong with the current state of the DNS, right? Here, as I see it, are the main problems which I think we should consider and to which I'd like to propose a solution:

  • DNS is centrally controlled by an organization (ICANN) whose primary interest is supporting business, rather than in maintaining and improving the system itself and whose primary claim to legitimacy is through delegation by a single country's government (USA).
  • The system is managed by a single for-profit corporation (NSI), which is bad enough but registrations are managed by many competing for-profit corporations. NSI is also primarily legitimized by delegation from a single government (USA again, naturally).
  • The Intellectual Property laws of a single country (there's the USA again) are being used inappropriately to control the activities of users in non-commercial parts of the Net (corporate control of the .net and .org domain trees through US Trademark law) and in other countries.

I think we can, for the most part, agree that the amount of effort necessary to gain sufficient control of the existing ICANN/NSI system to repair these faults would be too great for that to be a viable option, though I do think it should not be ruled out completely. With the support of the American government and the large corporations, this system is very well defended from outside influence. As the recent post to Slashdot describes, ICANN's voting "membership" is being given far too few seats on the Board to have any real impact on its activities and as a recent K5 post describes, those activities are not necessarily desirable.

So, any viable solution must come from and operate outside the ICANN/NSI system. It cannot attempt to fix the current hierarchies (.net, ,org, .us, .fr and so on), since those are all controlled by the current established system, but must be based on either the establishment of a new name resolution protocol or on the raising of new hierarchies using the existing protocol. There is a system being proposed for a new protocol which could be used to replace the ICANN/NSI system but, since I do not personally find much to fault in DNS/BIND (from a technical perspective), I propose that the best solution is to establish new domain hierarchies using the existing protocol.

As AlterNIC attempted demonstrate a few years ago (and what seems to be anotherAlterNIC continues to try) this is technically possible, though it has not worked out for them. Many of us, myself included, who would have supported such a project even several years ago refused to support the AlterNIC project largely because they are just another profit-motivated business. Since the major problems in the current DNS system derive from the fact that it is run by corporations whose primary motivation is profit rather than maintaining the system itself, I fail to see how adding another such system would improve the situation.

AlterNIC has demonstrated, however, that there are no large technical issues preventing the establishment of new domain hierarchies. The real impediment is social, rather than technical: in order to succeed, an alternate hierarchy must convince a sufficient number of networks to support their root servers as well as NSI's. Whereas domains registered through the ICANN/NSI system work automatically, since that system is supported by the ISC BIND distribution, alternate hierarchies must convince network administrators to add support themselves. This has been difficult for AlterNIC, as I said above, largely because they are just another for-profit venture.

From this I conclude that any new DNS proposal which depends on establishing new domain hierarchies needs to meet these criteria:

  • It must be non-profit, as its primary motivation has to be the functioning of the system itself, not shareholder profit.
  • Control and functionality need to be distributed Net-wide as a true membership organization since its legitimacy must derive from its users, rather than from the business and government interests of a few countries (or from one country).
  • It must provide domain trees that are explicitly and unconditionally non-commercial, to maintain the freedom of those domain's users from commercial interests, as well as trees which are completely commercial, to guarantee uniqueness within the commercial sphere. It must actually enforce these policies.

If this analysis is correct, the best (and possibly only) way to repair the DNS system is to establish a set of linked non-profit organizations around the world to operate it. This distribution of the social structure would also help distribute the technological structure as well, since each regional or local registrar would also maintain a regional or local root DNS system. These organizations need to be controlled by their users in a manner similar to consumer cooperatives (or whatever is closest in the host country's legal system).

What do you folks think? We, the users of the Net, have the technical expertise. We have the computational and bandwidth resources. We have, if organizations like the Electronic Frontier Foundation can be convinced to support it, the legal expertise. We have the worldwide distributed presence and the example of other global projects to lean on. I think we could do it.

-robin

Sponsors
Voxel dot net
o Managed Servers
o Managed Clusters
o Virtual Hosting



Login
Make a new account
Username:
Password:

Note: You must accept a cookie to log in.

Related Links
o Slashdot
o K5
o ICANN
o USA
o NSI
o the recent post to Slashdot
o a recent K5 post
o DNS/BIND
o AlterNIC
o AlterNIC [2]
o technical issues
o Also by Arkady


Display: Sort:
An Immodest DNS Proposal | 66 comments (66 topical, editorial, 0 hidden)
Vive l'resistance! ... (3.50 / 2) (#4)
by Ozymandias on Thu Jun 01, 2000 at 06:32:56 PM EST

Ozymandias voted 1 on this story.

Vive l'resistance!

I'm willing to support it on my DNS servers. You volunteering to head up the effort and get the ball rolling?


- Ozymandias

Interesting idea. Let's think seri... (3.00 / 1) (#7)
by decomyn on Thu Jun 01, 2000 at 06:33:53 PM EST

decomyn voted 1 on this story.

Interesting idea. Let's think seriously about it. I'd also like to see any alternate name <-> address scheme have support for the newer large-address-space (IP6? don't follow it much) addressing. If it were done carefully, there might be a seamless transition between systems. Timing looks good. Would require some sort of parallel operation and resolution mechanism if the 2 systems returned different addresses, hmm... Perhaps a mechanism that looked up the netDNS servers, then fell back on the NIC servers in case of failure? In case both servers resolved, the netDNS would be there first...

Perhaps an "OpenDNS" project needs ... (3.70 / 3) (#8)
by iCEBaLM on Thu Jun 01, 2000 at 08:23:46 PM EST

iCEBaLM voted 1 on this story.

Perhaps an "OpenDNS" project needs to be undertaken to promote an alternative root server set. Clearly ICANN is not working out, and I don't see it working out anytime soon, the only solution I see is if people take it upon themselves to start, push, and use a new and truely open registry.

I've wondered for a long time why t... (none / 0) (#1)
by rusty on Thu Jun 01, 2000 at 08:38:47 PM EST

rusty voted 1 on this story.

I've wondered for a long time why this hasn't happened already. There's *no* technical reason for NSI to hold a monopoly on TLD registrations. As Arkady points out, the only bottleneck is getting admins to add root servers to their DNS setup. So, umm... why hasn't this been done already?

____
"Don't tase me, bro." --Andrew Meyer

DNS system needs to be changed, any... (none / 0) (#2)
by fvw on Thu Jun 01, 2000 at 09:16:46 PM EST

fvw voted 1 on this story.

DNS system needs to be changed, anything on DNS is good atm.

Wonderful writeup and pertinant too... (none / 0) (#6)
by ishbak on Thu Jun 01, 2000 at 09:47:56 PM EST

ishbak voted 1 on this story.

Wonderful writeup and pertinant too!

This is a great idea. Maybe we shou... (none / 0) (#5)
by hooty on Thu Jun 01, 2000 at 10:06:06 PM EST

hooty voted 1 on this story.

This is a great idea. Maybe we should start with the .god domains :)

My primary nit to pick is the autho... (3.70 / 3) (#3)
by eann on Thu Jun 01, 2000 at 10:45:30 PM EST

eann voted 1 on this story.

My primary nit to pick is the author's apparent belief that commercial interest is the cause of all evil. For example:

This has been difficult for AlterNIC, as I said above, largely because they are just another for-profit venture.
When I was a sysadmin at a fairly good-sized regional ISP in the mid-1990s, I had the choice of configuring my name servers to check AlterNIC's for random domains. At the time, the idea was not ripe. Part of it was the traditional vicious circle problem: there was no demand for me to change the nameserver config because no one registered domains with AlterNIC, and no one registered domains with AlterNIC because ISPs wouldn't change their nameservers. The other question I had was reliability: the existing system gave me 8 root servers, spread out across and connected to all the major (and most of the minor) backbones. No matter what was happening on the net, if I could get to my upstream ISP at all, I could look up a domain name. Under AlterNIC's proposal (at the time--I haven't looked since), I'd insert theirs first in my list. But what if it failed? Or the network between what-was-then-here and there? Some domains would work and some wouldn't. And third, just in case this business model somehow worked, how would it be reasonable to decide between alternative NICs? That's not the kind of service we wanted to provide to our customers.

It really had nothing to do with AlterNIC being for-profit.

One final note, as ideas for this are tossed around: it has always bugged me that people think "local" on the net means geographically nearby. It means no such thing. It means topologically nearby, which could be the same thing, or it could be halfway around the planet if that's where your least congested link to the outside world ends up. It's a sticky wicket for dealing with legal systems when trying to deal with something like this, but it's the only way to think about the network correctly and it'll likely be a condition of widespread acceptance.

Our scientific power has outrun our spiritual power. We have guided missiles and misguided men. —MLK

$email =~ s/0/o/; # The K5 cabal is out to get you.


ahh.. the proto- "UnderNIC"... that was (4.40 / 5) (#9)
by sjanes71 on Thu Jun 01, 2000 at 11:18:14 PM EST

When I was your age [...] uphill-- both ways! I remembered the days before InterNIC/NetSol become the commercial beast... domain registrations took months, and were arbitrated on appropriateness (no (seven-unmentionable-words).(org|com|net)). And then, the bombshell.. .com and .net domains cost money now-- back then it started at $30/yr I believe.

And then .org... it didn't take long. Now you have every permutation imaginable. Someone recommended that they make new TLDs... it never happened-- we'll someone said "Let's make them..." but no one ever did it at the Root Servers.

At the time, we were very angry about it-- we planned ("we" meaning the people who hung out on LinuxNET IRC) to make the UnderNIC... UnderNIC root servers would grandfather in the InterNIC namespace and create a bunch of good TLD's for companies to use.

.card, .bank, .corp, .card, .inc .llc, .assoc, .etc, et al. (Today we would consider the additon of .pr0n, back then pr0n didn't exist as an expression of a certain kind of entertainment downloaded from the Internet).

What happened? Do you know how hard it is to get the whole Internet to change their root.cache? :)

Using the Evil of the Internet Against Itself? Sadly, maybe the only way to get the Internet to regain control of the root servers away from the slow beauracracy that absorbed them is a very antisocial DoS attack on the root servers AFTER the new root heirarchy is built and well publicised. (Could we nominate kibo as our spokesperson?) Someone can buy a copy of the InterNIC's mailing list and SPAM administrators letting them know that The End Of The Net As They Know It[tm] is going to happen at... whatever. If someone wants to be MILLENNIAL about it, they've got 6-months to build it and tell everyone about it before the real Millennium starts. (I would have worked in a Backbone Cabal reference in there but that was slightly before my time.)

The above is mostly in jest-- I think the real answer lies within FreeNET-- FreeNET should consider figuring out how to not only protect content, but also create a mechanism for a distributed DNS system which would not be vulnerable to DoS attacks or legal threats.

[I speak for myself, no part of this comment may be construed as anything my employer would consider as its party line.]


____
Simon Janes
Money makes the world go around... (3.50 / 2) (#11)
by Zuid on Fri Jun 02, 2000 at 12:01:42 AM EST

This idea is, essentially, exactly what the internet needs. Well, one of the things the internet needs. :)

With the WWW being one of the primary catalysts for the recent and sudden expansion of the internet from a couple of university dialins here and there to being able to order your shopping off the door of your microwave, most of the non-tech-oriented community has come to see the internet as not much more than the transport on which the WWW lies.

Unfortunately, the WWW is (well, was) one of the few examples of how the internet _shouldn't_ work. A single server (or nest of servers) hanging off one or two pipes. This idea wouldn't stand up very well to the "can this survive a nuclear war?" test. :)

This has resulted in a "this is how things are done" mentality amongst those who, really, shouldn't be in a position to dictate how things are done (and, frankly, are making a huge and difficult mess of things). Advertisers, non-tech managers, and worst of all, "e-business solution" providers.

So, while the internet expands to include more and more people who have no idea of all the awful mismanagement going on and also have no idea why they're putting ".com" on the end of every damn website they visit, profit oriented companies are using "This is how things are done", mixed with "what do the consumers know?" to make sysadmins jobs very difficult, and slowly but surely bog the internet down to a place where we now have court cases over companies squatting on the domains of other companies just to ensure they can't have an easily accessible web presence.

Not only is this quickly bringing about the need for administration bodies which base decisions on rules rather than profits, but it also suggests a need for a restructuring of TLDs and some firm guidelines on the matter.



SIMPLE FIX: It's a bug in BIND, fix it like any o (5.00 / 3) (#13)
by torpor on Fri Jun 02, 2000 at 12:37:54 AM EST

(Sorry for the re-post - forgot to hit 'plain text' before I posted)

The problem is one of distribution of additional root.cache entries. Source code releases are a solution to distributions - so include the new root.cache entries in the DNS/BIND tarballs.

Start by modifying the default root.cache file that gets distributed with the standard bind package to include the new root servers. BIND is responsible for the majority of DNS traffic on the 'net, so fix it and let other DNS vendors play catchup accordingly. Alterna-root servers is a *feature* upgrade of BIND/DNS servers, and as such, it should just be treated as a feature upgrade, same as any security patch or optimization patch release of the BIND code.

There's *factually* nothing stopping the BIND maintainers from doing this.

Then, we could make patches available for all major distro's of OS's that will automatically update the root.cache file as needed, and get them everywhere.

RedHat/Mandrake/SuSE/etc. could all very easily just include extra root servers in their default installs of root.cache, as could the various BSD vendors, and maybe eventually Microsoft too - and thus within a few months (given the release frequency of the average distro), a lot more new and upgraded DNS servers will be paying attention to the new root domain servers.

This will cover a fair majority of DNS servers that are being run out there by people who generally don't give a crap - as long as DNS for their local domains works, they're cool with it. I've been running a DNS server since 1991, and I'd be happy to add alterna-root servers to my BIND install if there were a simple way for me to do it and never have to worry about it again - but I'd be happier to have it just happen the next time I upgrade/patch/fix BIND due to some security update release or something.

And the long-term solution for this is to have BIND implementations automatically go out and get new root.cache records from the 'net itself as needed, periodically, preferably from a non-commercial body such as ISO or ECMA or some such non-profit, standards-based organization.

j. -- boink! i have no sig!
Sounds like a great idea (4.00 / 1) (#14)
by Potsy on Fri Jun 02, 2000 at 03:53:11 AM EST

This sounds like a terrific idea. I would be very happy to volunteer time and money towards the creation of an alternate DNS system. The current ICANN/NSI system is, as you pointed out, a sham in which business interests are the only interests that matter. A system in which fairness and equality prevail over money is desperately needed.

That said, the big question is, how could such a system avoid the trap of "no users"? I propose the following features as a solution: Naturally, the most important feature would be the fairness and flexibility of the new system. There has been much discussion about what is wrong with the current system, so I won't go into that here. However, I do think that having a system that fixes the problems of the current one would not quite be enough to get everyone to use it. There have to be some other incentives to use it as well.

  • Make registration free. That's right, free, as in zero cost. Just fill out a form, and you're registered. Any one with a static IP address could have a domain name under this system.
  • Give it a catchy name. This is far more important than it may at first seem. A reason frequently cited for the popularity of Linux is that it has a catchy name. The name should also emphasise the . "FreeDNS", "OpenDNS" might be good choices.

Of course, gimmicks like the catchy name are not the main point. The main point is to free people of the tyranny of the current system. But the gimmicks can help get people's attention.

There must be a reason why it have never been done (none / 0) (#17)
by Anonymous Hero on Fri Jun 02, 2000 at 09:03:21 AM EST

I mean, I hear this kind of proposal half-a dozen time each year and I never see anything beeing done. Why ?

I don't even want to force my ISP to use those alternate servers, I'd be happy to add them in my resolv.conf (Sure, it is bad for perf, but won't be as bad as gnutella :-) )

So can't someone set-up a DNS so we can add it to our personal config and start to refering to <http://slashdot.weblog> and <http://kuro5hin.weblog> ?

Then ISP could start adding them in config when it get mindshare...



You need added value? (5.00 / 3) (#18)
by paranoidfish on Fri Jun 02, 2000 at 10:19:12 AM EST

I've been mulling over things like this for a long time now, and I'm not surprised that this is being suggested. There are a couple of points that sprang into my mind recently:

  • DNS does not make sense to joe public

    It took me an hour to explain to my mum (who is a db2 consultant, so is not exactly computer illiterate nor afraid of abstraction) why web addresses have http://www at the start and mostly end in .com. Some people refuse to beleive my email address is real, just because it ends in .ac.uk and not .com. Heirachical systems do not make sense unless you think about them, and most people do not want to think. They want to type in "WWF" to their browser and get to the wrestling.

    URL's were never meant to be seen by the public. Things like Realnames have the right idea, in that if nobody except the techys sees the urls, a company would be happy with the address http://www.companyname.ohio.us.isp.net/, and the controversial part of icann's role disapears and netsol runs of of business to deal with quickly.

    A keyword based system would make so much more sense what with the web/net as it is today, at least, from the consumers perspective. Keywords are already a reality (whatever.com), it's only a matter of time before people stop bothering with the ".com" like they stopped bothering with "http://www"

  • People need a reason to switch to an alternative system

    If it ain't broke, don't fix it, right? Try explaining to some sysadmins, let alone a AOL-newbie, what is wrong with the current system. Any alternative to ICANN, no matter how well run will still be the same thing in their eyes.

    So to get people to switch, you need to give them something new in the way of features. If you say to them "Here is something cool, which you can only get by switching to this new system", they'll demand access to it from their ISP soon enough.

    Look at it as the open source version of "embrace and extend" if you will :-)

Thinking about these two points leads to the final conclusion, which is that maybe instead of trying to reinvent icann, people should look to reinvent DNS?

A well thought out system, learning from the mistakes made in administering the dns system, which is more intuitive to the common user, with more protection from spoofing and other security problems and greater support for cacheability, distributedness, mirrors and round-robin-dns style systems, along with a few killer options and foresight for potential problems in a wireless, mobile world, could be taken up quite quickly by those in the know. Everyone else could follow soon after, especially if it is supported by linuxv2.6 and Windows2002

(Note, I'm not saying there is anything wrong with DNS in itself, just that if you are going to bother trying to reinvent the wheel you might as well invent ball bearings to fix some of the problems you've got with axles while you're at it. Of course, I'm being optimistic in assuming that there are ball bearings to invent, never mind if they are in easy to use cartridges.)

Nobody thinks the net is going to remain the same forever, yet everyone seems to be scared of actually changing anything, especially now that the whole world is watching. How many people still use Gopher?

I guess that was worth about 15cents...



Changing your Root Cache? (5.00 / 1) (#24)
by Anonymous Hero on Fri Jun 02, 2000 at 02:56:19 PM EST

How about developing a product that is the first to offer DNSSec (an added value service), which contains the standard root cache nameservers in, but also a few choice other roots.

I don't understand why the US government should have such control over a global phenomenon developed by academics.

OTOH, I'm making some money out of the current system, so why should I change ... :-)

Corporation though (none / 0) (#25)
by Anonymous Hero on Fri Jun 02, 2000 at 03:02:40 PM EST

The large US corporations control a large chunk of the net.

The large US corporation is who is best served by ICANN...

so how does one convince the large US corporations that they want to make use of the new system?

with out them, the whole thing will be a flop...

NSI does not control the root nameservers.. (none / 0) (#28)
by Anonymous Hero on Fri Jun 02, 2000 at 04:09:57 PM EST

The root nameservers take direction from ICANN, not NSI.

OK, so I've prototyped it; it works (5.00 / 3) (#30)
by Arkady on Fri Jun 02, 2000 at 06:18:15 PM EST

Hi all,

Since there were some folks expressing interest, I went ahead and set it up on my servers on devnull.net. I'm building a web page to describe it, but here's what to add to your named.conf file to set yourself up to see it (running BIND8):

################################################################################
# #
#Compatibility: OpenNIC TLDs #
# #
################################################################################

zone "opennic" in
{
   type slave;
   file "tld-opennic";
   masters { 209.21.75.51; };
};

zone "null" in
{
   type slave;
   file "tld-null";
   masters { 209.21.75.51; };
};

I've set the OpenDNS TLD as .opennic and, as an example of another TLD I set up .null (since I've always wanted to have dev.null to go with devnull.net ...;-).

Unlike AlterNIC, this example does not depend on your modifying your .cache file since you cannot rely on my name servers always being available. Instead, each top-tier server will secondary the TLD files for now. By the time that enough domains are registered the resources should be available to do real root name serving. That way we can grow carefully.

Email me at opennic@unrated.net if you'd like to organize a TLD or think you'd like a domain in .null (which will be required to be completely non-commercial). We'll start setting up the organization and policies for the OpenNIC.

Cheers,
-robin

Turning and turning in the widening gyre
The falcon cannot hear the falconer;
Things fall apart; the centre cannot hold;
Mere Anarchy is loosed upon the world.


It may be a bigger problem than you think (5.00 / 2) (#39)
by KindBud on Sat Jun 03, 2000 at 12:37:08 AM EST

ISC gets funding from NSOL, Sun, lots of others. I think you will have a hard time getting alternate roots distributed with the BIND source for this reason. You shouldn't need to anyway, but BIND enforces the current hegemony. You realize the named.cache file is really a "hints" file. In it, you place the names and addresses of the servers your BIND should query to discover the real roots. Try putting some other names and addresses in your hints file sometime, public servers that allow anyone to make queries. Right after startup, your BIND will have cached the "real" roots and will forget about the ones in the hints file.

BIND has another annoying "feature" leftover from the days when cache poisoning was a problem, that also contributes to enforcing compliance with the prevailing authorities. It accepts the non-authoritative glue from the roots in preference to the glue supplied by the authoritative nameservers. You cannot override the TTL of your own NS records and their A records, so you cannot reduce your domains' reliance on the roots by increasing the TTL of your own glue. Client caches will have to recurse to the roots every two days no matter what TTL you set on your glue. I seem to recall that this is an artifact of the now-obsolete "credibility rules" that were added to BIND in the late 4.9.x series. BIND 8 now discards out-of-zone glue, solving the poison problem, so the credibility rules are no longer needed, but they are still there, and it screws with my ability to improve the reliability of my own domains by making my glue persist longer in client caches, thereby reducing the number of trips clients must make to the roots.

I followed a link to this site from the freenet mailing list, and on my first visit, I felt like posting. Site looks great, I am getting worn out by Slashdot. In case you can't tell, I have a few axes to grind with NSOL and BIND. :) See cr.yp.to for one part of the solution. I highly recommend it. And it's perfectly suited for adding alternate top levels to your own network services. There is no hints file. It believes you when tell it where the roots are, and you can also set it to ignore the roots and query particular servers for particular domains. Very nice, and very robust. Check it out.

--
just roll a fatty

Important concepts (5.00 / 2) (#42)
by Anonymous Hero on Sat Jun 03, 2000 at 01:30:10 AM EST

That something like this needs to happen is a truth, but much of the posting here seems to, well, "not get it." To do this right requires working to find the right way to do things, not just jumping out with something nifty. Nifty comes later.

First, we need to get away from the concept of owning names. Where did this even come from? Names are things people use, not buy. Names aren't commodities, no matter what companies who want to sell them try to tell us. The service needs to allow names to just be, and that means a name can never be considered "taken." Some product named "Nova" shouldn't keep people from finding some other product coincidentally sharing the name. So, we need to allow identical names to coexist, even to encourage it.

To many, the biggest issue is the ridiculous proliferation of domains. Soon you'll be able to type anything in and get a web site, but you'll have to do a search to ever find a specific site for a given name. What kind of organization do we have when everything is in a single flat list? Is that even an organization? We need something more unique than the bare name already; the standard solution to that is an essentially fixed qualifying path, which we get naturally from a hierarchy. Domains were supposed to be hierarchical--now we've got to go back to the beginning and make sure the hierarchy matters this time. It needs to be what everyone wants: short, easy, deep, complex, unique. No single hierarchy can do this--we need multiple hierarchies that can intuitively overlap. "Intuitive" implies a non-rigid system.

This brings us to hierarchies of clear categories, where a given address can exist in several places, a given path can lead to multiple distinct addresses, and inferrable sub-paths can be omitted. For example, if I wanted information about Sprite, I could look under /Product/Sprite, /Product/Food/Pepsi, Company/Coca-Cola Company/Pepsi, /Country/USA/Georgia/Coca-Cola Company/Sprite, and quite a few other variations. If I chose a path that gave multiple addresses, I should get prompted to add qualifiers, pick from a list, or the resolution should fail (Or a user could have some resoltion preferences that the client applies to automatically narrow searches, like the search domain entries in DNS resolvers).

Next, we need freedom from the US and English. All the name suggestions I saw posted were strictly English--and for the top level domains! Do Basque speakers really have to use .Bank? Shouldn't the name service components be translated into the local language until a resolving name is reached? If the Martian word for "product" is "quux" then Martians should be able to find Twinkie info under .../Quux/Twinkie.

But what is really interesting here is that none of this actually requires DNS at all. Set up mirrored web servers to do the name resolution (basically returning a list of sub categories or addresses), and then change the browsers to provide more intuitive access with the new urls (For old browsers, return a redirect). Don't make people type: the browser should offer name completion transparently and preferable have or connect to something with a bit of smarts in the name search, for users who just want to type a single name. Know when to hide parts of the URL. The browser probably doesn't need to show the name service portion of the url unless the user specifically wants to edit it (and not just type in a new url). With helpful expansion, we can keep many annoying abbreviations and amalgamations from clogging the naming hierarchy.

Well, it's getting harder to convince myself I'm not rambling, so that's probably more than enough from me on this.



Problems and comments. (5.00 / 1) (#52)
by Anonymous Hero on Sat Jun 03, 2000 at 05:00:37 PM EST

There's at least one problem with this that will be difficult to address: Web caches tend to receive most of their requests as hostnames while web servers sometimes require them. Virtual hosts for eg. Proxies not in on the deal will have to be avoided for this to work, and transparent proxies can't be. The fact that Alternic asked people to trust them more than the root servers was a big problem too. These for me were the killers for Alternic. The way I see it, something better needs to be created _and_ ICANN needs to be taken on. Neither is good enough alone. May I suggest that once the issues others have mentioned have been hammered out, that some sort of voting mechanism is added. TLDs can be created randomly unless they're well established and get to live as long as people keep refering to them perhaps. Plus or minus a few minor details I think that could be made to work.

OpenNIC web site and email lists (none / 0) (#56)
by Arkady on Sun Jun 04, 2000 at 01:09:17 PM EST

I've set up a site at "http://www.unrated.net/projects/opendns" (which you can get to as "http://www.opennic/projects/opendns" if you're already configured for OpenDNS" ... ;-).

I've set up a few mailing lists as well, since no community project seems to be complete without at least a few. They're described on the site. Basically, if you're interested, you can subscribe by sending an email to "majordomo@unrated.net" containing either "subscribe opennic-discuss" or "subscribe opennic-announce", depending on to which list you're subscribing.

Thank you all for your responses and suggestions. I will keep track of all the comments and try to integrate all your suggestions into the project.

Cheers,
-robin

Turning and turning in the widening gyre
The falcon cannot hear the falconer;
Things fall apart; the centre cannot hold;
Mere Anarchy is loosed upon the world.


Open or not, namespaces face the same basic proble (5.00 / 1) (#57)
by andyo on Mon Jun 05, 2000 at 01:02:49 PM EST

The proposals for new naming systems are exciting. And in some ways, innovative sites like Napster are branching out into new areas already--you find other people on Napster through the names by which they registered themselves, not through DNS. (There's an interesting article about this little-noted aspect of Napster.

But I'd like to see more discussion of how to avoid the problems in Realnames and in the current system. Do you stick to first-come-first-served, or have a dispute resolution policy? How do you avoid favoritism in the sites returned from a search? These problems don't go away just because good people will presumably be in charge.

As for keeping DNS and making it a non-profit activity--that's been discussed a lot on mailing lists among DNS activists. Most think that non-profits can have as many agendas of their own as for-profits. What's important is to reduce the importance of the DNS namespace (by providing alternative search mechanisms) or to increase its size to reduce scarcity, as people have discussed on this list.

Shamelessly plugging my own proposal (5.00 / 1) (#64)
by Anonymous Hero on Wed Jun 07, 2000 at 04:09:58 PM EST

I wrote up a proposal for a solution to the DNS problem a while back. It's <a href="http://www.literati.org/seanl/dns.html>here. Flames welcome.

An Immodest DNS Proposal | 66 comments (66 topical, 0 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - 2006 Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
Khartoum is in the room. Phnom Penh is in the room.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories! K5 Store by Jinx Hackwear Syndication Supported by NewsIsFree