[dns-operations] blockchain DNS
markjr at easydns.com
Sat Jan 27 19:51:36 UTC 2018
John R Levine wrote:
> For every Sci-Hub, there are a dozen Daily Stormers and a thousand fake
> phish banks, fake "Canadian" pharmacies, and other malicious sites. The
> history of name registries that don't deal with illegal activities is,
> to put it mildly, unpleasant. If you haven't seen any of them, that's
> not a coincidence, other networks tend not to accept their traffic.
> For the specific issue of Sci-Hub, academics claim they want open access
> to their papers, at least in developing countries, but they send those
> papers to publishers like Elsevier who charge $30 a peek. They need to
> make up their minds. And while the technology of an online open access
> journal is straightforward, nobody's figured out how to do for free the
> useful part of what Elsevier does, gatekeepers and reviewers who find
> the publication-worthy stuff in the mountain of garbage.
A lot of people pined for a decentralized P2P DNS over the years, every
time their was outrage at ICANN or Verisign, something I always said was
impossible, until blockchain came along and I realized how wrong I'd been.
When the Ethereum Name Service WG met last summer they seemed to prefer
an immutable registry at the bottom (blockchain) with governance,
blocking, filtering happening at "Layer 2", something I'm personally
But then when you sit down actually try to design your registry
implementation you run into all these things you're talking about above.
Governance is "non-trivial" and I think it's a mistake to think it can
just be deferred to "layer 2" because nobody even knows what that looks
like right now.
> These are real problems but I don't see any way blockchains wouldn't
> make them worse. They don't solve real world problems.
I think they do, and they are particularly suited for DNS because you
have the ability to distribute the top-level namespace and make the TLD
impervious to DDoS in a more cost-effective way for smaller entrants.
Further, if there is "lookaside" capability on the part of resolvers
than second level registrants can pin key DNS RRs there for further
resilience. Both blockchain and DNS architectures are public,
distributed and world-readable which is one of the reasons why I think
they are complimentary (nevermind all these idiotic ideas one sees to
shoehorn some legacy business case onto a blockchain and trot out some
utility token in an ICO - i.e. "bananachain" - yes, it's a thing)
Blockchain, also good for historical iterations (like whois/whowas but
given where whois is going, that may not be as relevant). But if you are
pushing DNS data out to the world to see, it may not be a bad thing for
an immutable ledger to exist that shows all publicly published values of
hostnames and other data.
Then there's smart contracts - i.e. ethereum which in my mind opens the
door to far more complex processing logic between a DNS query and a
response to it. Granted - you could do the same thing without a
blockchain... but right now that's the direction out of which these
capabilities are originating.
> John Levine, johnl at taugh.com, Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> dns-operations mailing list
Mark Jeftovic <markjr at easydns.com>
Founder & CEO, easyDNS Technologies Inc.
More information about the dns-operations