[dns-operations] blockchain DNS

Phillip Hallam-Baker phill at hallambaker.com
Sat Jan 27 21:51:32 UTC 2018

On Sat, Jan 27, 2018 at 2:51 PM, Mark Jeftovic <markjr at easydns.com> wrote:

> John R Levine wrote:
> > For every Sci-Hub, there are a dozen Daily Stormers and a thousand fake
> > phish banks, fake "Canadian" pharmacies, and other malicious sites.  The
> > history of name registries that don't deal with illegal activities is,
> > to put it mildly, unpleasant.  If you haven't seen any of them, that's
> > not a coincidence, other networks tend not to accept their traffic.
> >
> > For the specific issue of Sci-Hub, academics claim they want open access
> > to their papers, at least in developing countries, but they send those
> > papers to publishers like Elsevier who charge $30 a peek.  They need to
> > make up their minds.  And while the technology of an online open access
> > journal is straightforward, nobody's figured out how to do for free the
> > useful part of what Elsevier does, gatekeepers and reviewers who find
> > the publication-worthy stuff in the mountain of garbage.
> >
> A lot of people pined for a decentralized P2P DNS over the years, every
> time their was outrage at ICANN or Verisign, something I always said was
> impossible, until blockchain came along and I realized how wrong I'd been.
> When the Ethereum Name Service WG met last summer they seemed to prefer
> an immutable registry at the bottom (blockchain) with governance,
> blocking, filtering happening at "Layer 2", something I'm personally
> skeptical about.
> But then when you sit down actually try to design your registry
> implementation you run into all these things you're talking about above.
> Governance is "non-trivial" and I think it's a mistake to think it can
> just be deferred to "layer 2" because nobody even knows what that looks
> like right now.

​I disagree with the claim that there is a need to put 'governance' in the
DNS layer. You can do just fine if you put the governance in a layer above
the DNS which is of course the function of the WebPKI.

The WebPKI ​was developed and deployed to achieve accountability. The DNS
is not.

Trying to rely on the DNS infrastructure to mitigate criminal activity is
futile. Which is why I find the attempts to dilute the WebPKI to be nothing
more than an adjunct to DNS validation (which does not happen) to be

​Of course, most people don't want to be spending the type of money
required for an effective validation process.​
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20180127/01c77e49/attachment.html>

More information about the dns-operations mailing list