Pirate DNS?

guinsu asks: "After seeing many comments on Slashdot about how disgruntled many people are with the current DNS setup (i.e. total control by NSI) and the amount of trademark lawsuits on an over-commercialized Internet, I was curious if it was possible for a group of people to set up their own 'alternative' or 'pirate' DNS system that would be separate from the NSI controlled one?" Of course it's possible, My worry is that if it gets large enough to rival the regular DNS system (if you want everyone using it, it will have to be), big business will take notice and we'll replay the same fights all over again. Could we protect such a thing from happening if it were formed?

"What I had in mind was a system that was totally open and free, anyone can register any domain name or TLD. Since it was kept separate from NSI, this would include domains already registered there. In order to keep this DNS from leaking into the old DNS, I guess the servers could run on different ports. I also had in mind a modified version of the DNS protocol, where data could be distributed in a Gnutella or FreeNet fashion. This would eliminate the need to have root servers that had to handle a heavy load. However it would be vulnerable to spoofing and faking data.

One question I have though, since this is essentially a private network of computers (even though it is distributed throughout the Internet), can companies bring trademark law to bear on what I choose to name my computers on a private network? Can I call a machine microsoft.com on an intranet or on a network based on a naming scheme different from the standard DNS?

Another alternative would be to only use this system to add new TLD's and use the NSI DNS for .com, etc.. This would allow TLD's such as .god, .sucks or .anything-you-want to be set up without interfering with servers not recognizing this new DNS. This would avoid naming collisions with the old DNS.

My hope was that something built in this fashion would be controlled by the normal everyday users of the Internet, not by corporations. A distributed, cooperative naming system where hopefully less bullying could take place. Is this feasible? Or even desirable by anyone else?"

Remember X-400? (was: This is bound to fail...)

Back in the early 90s various people claimed that
X.400 email would replace regular Internet mail.

It didn't happen, and one of the several reasons
why was that not all X.400 providers recognised
the same email addresses. Contrast this with
internet mail where if you give me an email
address of the form "user@domain.com" I can
send mail to this address from any properly
configured machine on the internet and rely on
the fact that:

a) it will always be delivered
b) it will always go to the correct recipient,
not to some other version of "Domain.com".

Breaking this would be a *really bad* idea.

In other words, I don't want to get addresses
of the form "xyz.tld", find these don't work,
and then get told "oh, you need to change your
DNS settings to such and such a server to make
this work".

Registering extra TLDs is OK, and as others have
pointed out there is an existing (painfully slow)
effort to do this. It's not clear this will
solve a lot of problems though, which is part
of the reason it's going slowly.

Re:Remember X-400? (was: This is bound to fail...)

[sjames]

There isn't much to be done about forcing propogation of an alternative DNS. It is a chicken and egg problem. Unless it is in use, there is no interest in supporting it, and there won't be a great attraction to use it unless it is widely supported.

The answer IMHO is to start with specialized use TLDs where it is not so important that the whole world be able to resolve it. Ideally, the domains registered will have a big 'cool factor' so that people will WANT to configure for it, and will pester their providers to support it for them. The next wave of domains would be those who already have a domain in a 'standard' TLD but want the 'cool factor' of an alternative TLD.

I agree that it is very important thet the TLDs remain consistant. The best way to do that is to include the 'stabndard' TLDs by reference (forward lookups to the NSI root servers), and to make sure that each alternate TLD has some sort of consistance mechanism in place and that it works. An inconsistant TLD won't stand a chance of becoming popular.

Hopefully, there will be public DNS servers that get configured to support the various alternative TLDs. ORSC is doing a pretty good job of that one so far.

As far as officially setting up new TLDs, that won't solve the problem at all. Those will still fall under NSI and ICAN'T and have all of the problems the current ones do. (Many corperates registering under com,net,org,biz,shop,sux,tm,md,dds,dvm,etc).

Would Pirate DNS work? Look ar orderly USENET TLDs

Look at all the top level heirarchies in USENET to see how well a distributed DNS system would work. Broken distribution, "not carried here", namespaces getting split into non-connected segments. Newgroup/rmgroup wars. Disputed meanings (Is .ca California or Canada? .la Los Angeles or Louisiana?). The only group names that work well are the big 7... which work because they have CENTRALIZED CONTROL.

uhh. no

NSI doesn't control the DNS system, I thought slashdot covered this stuff ages ago.

There's 12 root servers, these servers handle all authoritative information for registered domain names. When you do an looked for a host, here's the process...

You'll typically have your ISP's DNS servers in your TCP/IP configuration. When you hit www.slashdot.org, you send an A query to your ISP's DNS server for "www.slashdot.org"

Your ISP's DNS servers think "well hell, I don't know who the hell www.slashdot.org is, let me contact one of the root servers to see who has authority over that domain."

Your ISP does an NS query on "slashdot.org" to see what servers are authoritative for that domain.. In this case it will return:

slashdot.org nameserver = ns3.andover.net slashdot.org nameserver = ns1.andover.net slashdot.org nameserver = ns2.andover.net

Your ISP's DNS server now knows who has authority for the domain and who can give you the A record for "www.slashdot.org"

Your ISP's DNS server contacts one of the authoritative name servers to do the A record lookup for "www.slashdot.org", basically saying "what's the IP for www.slashdot.org"

Andover's DNS server returns 64.28.67.48

Your web browser hits 64.28.67.48, and your web browser pulls up the site.

Please, please, please.. UNDERSTAND what you're talking about before posting things like this. You can't just "HIJACK" the DNS system, and NSI DOES NOT CONTROL IT.

The root servers are 12 servers placed all around the world, and no 1 corporation owns them. I believe it was the IETF that put them in place, who are the saviors of the internet world.

Re:uhh. no

[mindstrm]

Could be. Could also be they are just 'misinterpreting' the 'named.cache' file, which simply lists the root servers (in other words, it's 'cached' the addresses of the root nameservers)

Re:uhh. no

[jackmama]

Of course, NSI does control the a server, which is the master of the 12 slaves, so they do have a certain degree of control. I agree that people need to understand the DNS system before posting about it, but when has ignorance stopped people from posting on Slashdot before?

Re:uhh. no

[ameoba]

Something about this makes me think "Tolkein", but only for a short period of time.

Re:uhh. no

[cosmic_0x526179]

one minor nit.. The way you described it, is the way I thought it worked too. Several admins (smaller ISPs) tell me that their DNS machines point to caching servers at their upstream providers. Those machines are probably talking to the root servers.

- another cosmic ray -

Re:Wish Granted

[Phroggy]

Come on, can you really imagine trying to pronounce http://slashdot.dot/?

--

Re:This is bound to fail...

[Phroggy]

Fundamentally, I should NOT be typing in "www.microsoft.com" in IE if I want to look for Windows 98 crap. I should type in "Microsoft Windows 98". There should be no end-user mapping between content and DNS name. Content should be divorced from DNS completely, in the manner that DNS is divorced from IPs. Meta-searching and content discovery/cataloging need to be avanced to the point where honestly, the end-user should NEVER KNOW ABOUT URLs. Does then end-user know about IP addresses nowdays? No. Neither should they need to know about DNS names.

Wrong! There must be a simple, concise way of referring to specific sites. I don't want to have to type "Microsoft Windows 98" into a search engine and see what comes up. I might want to go to Microsoft's official Win98 page, or I might want to go to a third-party site with information about Win98, or I might want to go to a parody site that makes fun of Win98, or whatever. As someone else has pointed out, the user MUST be able to tell if they're on the official Microsoft site or not, and they MUST be able to indicate that they do (or do not) want to go to the official Microsoft site when they type in the address.

If I type in Apple, do I really want Apple Computer, Apple Records, the Washington Apple Commission, or Fiona Apple? If I can remember that the Washington Apple Commission's home page is http://www.bestapples.com/, then there will be no confusion in the future. Finding that the first time is what search engines are for.

--

Re:I'd love to see such a system

[sjames]

I just wonder if it would be possible to assert authority - what if nsi wanted to start using .music or something and a small segment of this 'pirate' system was already using it - wouldn't nsi be able to demand relinquishment of it with federally backed authority?

I don't see why. No law says that they are the one and only way to resolve names. NSI has only an old contract from the NSF and consensus to make them an authority. I doubt that music is a trademarkable term.

Re:Remember alt.*

[sjames]

As much as this sounds a inviting idea, it would not work without some degree of control. Look at what happened to the alt.* groups on Usenet. A lot us usefull stuff, but even more junk.

The junk doesn't matter much. Most people see the junk alt. names, laugh if it's funny, and move on.

Re:Remember alt.*

[sjames]

It is possable to configure a news server to NEVER accept a newgroup alt.this.is.totally.useless.nose again.

I don't know much about the GNUtella protocol, but it sounds like the wrong tool for the job.

There would need to be a signature and web of trust system to avoid scrip-kiddies and other nonsense in the system.

One way to handle registrations would be to sign and timestamp the message. Messages w/ timestamps too far in the past are dropped silently. Only the signer can change the registration info, registrations drop after an expiration if not renewed.

There are problems, but they could be worked out with careful thought.

Re:This is bound to fail...

[sjames]

1.Court systems (in whichever country you are in) still exert juristiction. Moving to Sealand isn't going to help. While you (the new DNS people) may not have problems, people using your service still have to face liability in their country of origin. As long as the court systems seems to think that Domain Names are trademarkable, well, we're screwed.

There's nothing technical that can be done about that. However, simply not disableing a domain name UNTIL a court order is issued would be an improvement over what we have now. Ideally, the court order should go to the domain holder and not the DNS provider. That can be done if the DNS provider maintains that the registrant owns (or purports to own) the name and the provider simply propogates it as a service to the registrant.

2.You'd have to get the big players (most of the major ISPs) to go along. For legal reasons (see #1), this will never happen. So, if the people that provide 90% of the internet users capacity don't use you, what's the point?

Even windows allows manual selection of DNS. Nothing requires you to use the DNS provided by your ISP (I don't). We don't need a sweeping revolution, it can be one netizen at a time.

3.As to this, there is currently AlterNIC. They don't have many of the problems we associate with the current system, but guess how successful they've been?

You've heard of them, I've heard of them, everyone reading this has heard of them... Their TLDs resolve for me. Again, one at a time.

4.DNS requires a controlling entity. Distributed control isn't really a good idea. (Distributed operations are, though).

Why not? As long as a mechanism exists to prevent cheating it should be no problem. The only authority needed is private agreements between the participants, which could perhaps be informal. I need no legal authority to claim that www.microsoft.com = 207.46.130.149. You are free to take my word for it or not.

A key to avoiding trouble in that area is to stay away from the current TLDs. Let ICANN and the rest have .com etc.

Re:This is bound to fail...

[Frodo]

Actually, I just typed "Microsoft Windows 98" in location bar and got a list of sites, first being http://www.microsoft.com/windows98/default.asp. So it does exist, this system. Not that I ever used it, actually. But now that $company_which_makes_browser_which_I_am_forced_to_ use moved to Google, I might actually use it. If only they servers won't be so painfully slow...

Distribuited?

[xpurple]

Is thier any way we can cluster this sort of thing? Have no central database, thusly keeping problems like this from happening?

I realy don't know much about this, but it's worth a shot of asking.

Don't need different ports. Just use "pass thru".

[root]

When an alternate DNS lookup fails, you just pass the lookup to a "standard" nameserver. This lets "pirate DNS" create a lot of front-end TLDs without corrupting regular DNS and without having to do old DNS stuff locally. The "pirate DNS" need only do lookups for the new stuff. However, the "pirate DNS" could also redefine existing domains too. Since this is all on a PRIVATELY OWNED AND CONTROLLED machine that others VOLUNTARILY point to for name resolution, I fail to see how anyone can sue you... even if you redirected microsoft.com to debian.org.

Anyone up for GNUDNS.ORG? I want Microsoft.sux!

Re:A strange thought...

[mikpos]

That would break the definition of URLs IINM. The protocol part of a URL (e.g. "http") refers to the protocol one layer above TCP (I can't remember the way k00l OSI name for it) and has nothing to do with name lookups. It would be much easier to just get named to play those tricks for you, though.

iDNS

[Pseudonymus+Bosch]

iDNS is a project to extend the current DNS so that we can use Unicode instead of 7-bits (F)ASCII code. It seems that the main servers are operated from East Asia.
__

Re:I'd love to see such a system

[Glytch]

A Gopher server?! Wow. I always loved Gopher, so much faster than the bandwidth-sucking web...

One question for the Gopher-heads out there: Where can I get a good GPLed Gopher daemon?

Dunno

[Chas]

IIRC, it was Alternic that tried this once. It wound up breaking a bunch of stuff.

Also, if it COULD be made to work, who'd admin it? How would they get paid? Would their service be any better than NSI?


Chas - The one, the only.
THANK GOD!!!

Re:Dunno

[Syberghost]

Alternic didn't "break" things by itself, it worked pretty well. I used to administrate an ISP, and we used it.

The problem was, their founder engaged in some questionable activities that effectively destroyed their credibility.

The other problem was, hardly anybody used it, so there was little incentive for anybody except 31337 h@X0r's to use it.

--

Re:Dunno

[tregoweth]

The Goog isn't the only search engine to use it -- AltaVista, Dogpile, Go, iWon, LookSmart, MetaCrawler, and MSN do, too. But who uses them anymore? :) And there's keywords.com, but I imagine they'll be trounced or bought by RealNames soon.

Now that I'm completely off-topic...

-j

Re:Dunno

[jackmama]

You do recall correctly. This is one of the articles about it from back in 1996. It never really did take off, and kind of hit a big snag when they hijacked internic.net in "protest."

Re:Dunno

[fwr]

Merriam-Webster says it is:

Main Entry: administrate
Pronunciation: -"strAt
Function: verb
Inflected Form(s): -trated; -trating
Etymology: Latin
administratus, past participle of administrare
Date: circa 1617

Re:Dunno

[mr]

And their usefullness is VERY limited.

Brought the site up under BSD.

1) the stop button doesn't stop it
2) it goes so far in loading, then dies.

Under Winblows, a box askes if I want to 'upgrade' my browser. No such box under BSD. Same for MacOS.

So, it looks to me like this 'market brand building' technology isn't because it is not cross platform

Re:Dunno

[mr]

Besides AlterNIC, there was some fan-fare about a company that was going to offer a browser plug-in where the consumer could type in, say, disney at the URL location line and then they would be re-directed to where disney wanted.

It was like $40 per entry, and was going to 'be more expensive' after some time.

Given I can't find any references to this product idea, it seems to have failed.

Now, WHY does this idea of an alternative naming has not taken off? Because what makes the internet useful is the interconnection of the network. An alternative name service works to destroy the usefulness of the net by introducing confusion. If, on the "real internet", disney.go.com takes me to Disney, but on the 'fake internet' I end up at the nude mickey/pluto page, all that will happen is the alternative NIC will fail. And given the person asked "Can I call a machine microsoft.com on an intranet or on a network based on a naming scheme different from the standard DNS?", the questioner doesn't grok that humans thrive on consistancy. If they type in microsoft and get BillCo, that is good.

Re:A strange thought...

[httptech]

You don't need to set up your own root server to point your own users to a different IP address for microsoft.com, just add the microsoft.com zone to your zone files and your named.conf as if you owned it, point it to some alternate IP addresses and you're done.

"mnemonic"

[Booker]

Just FYI:

mnemonic (n-mnk)
adj.

Relating to, assisting, or intended to assist the memory.

n.

A device, such as a formula or rhyme, used as an aid in remembering.

=====

But great points in your post - I had never thought about it that way...

---

Re:Maybe public key encryption and signed DNS?

[Far�]

No, you only need do one request, for the DNSNG will send you all the signed certificates you need together with the data. And the keys for the central trust repository will be included in your DNSNG client. The signed certificates for a lookup on foo.bar will be

1. The signature of the .bar registry, as signed by the central registry.
2. The public key of the foo.bar owner, as signed by the .bar registry.
3. The signature by the foo.bar owner of each chunk the foo.bar domain description.

Size of (compressed) chunks will be determined so as to optimize overall traffic. With a proper negociation protocol, no unneeded certificate need be sent over the wire. Finally, with a proper cache structure, only ISP's DNSNG caches need exchange certificates (sharing the checks for all of the ISP's users), while each user can hopefully trust the answers from his ISP's DNS without having to (systematically) check keys (he may check them once in a while if paranoid, or when connecting to e-business sites).

PS: Thanks, Mr Z, I was going to propose just the same thing as you did, and am glad I'm not the only (or first) one to think about it.

-- Faré @ TUNES.org

Maybe public key encryption and signed DNS?

[Mr+Z]

This post wasn't a troll, this is a valid concern. Any thoughts on how spoofing would be controlled? Perhaps using public-key encryption and signed DNS records?

You could keep public keys on multiple servers as well. To make it all work, you'd need to verify a DNS record from server A with a public key from server B. With proper client-side caching and forwarding a'la Freenet (that's what a distributed network is all about, right?), it'd be pretty hard to spoof all of the elements used to validate a DNS record, wouldn't it?

Because the public keys can have larger scope (eg. covering a set of domains, rather than just a single domain or host) it's more feasible to have fewer public-key servers, with more energy put into those servers to protect security. That also makes it possible to have public-key servers of varying authority, as the number of PK requests should be far fewer than the number of DNS resolution requests. The "varying authority" comes from the fact that keys can be signed by others to verify their authenticity. Basicly, this amounts to building a web of trust with public keys, and then using that to secure the distributed-DNS network in parallel. In a sense, a public key acts as the registrar. Kinda.

Thoughts?

--Joe
--

Re:Maybe public key encryption and signed DNS?

[captainmoo]

While this is a good idea, it would be slow and inefficient. If you're starting cold with no public keys stored locally, you're probably going to need to get a new key for each website you go to (for example). And if this requires TWO different server lookups, bad things will happen and people will get frustrated if things don't work perfectly and quickly. My experience with that sort of thing is that they rarely do =(

While it was a good idea, I think we'd need to figure something else out to get the effect we want.

-David

tinc is an alternative dns system

[Koos]

The Internet Namespace Cooperative offers an 'alternative' root that gives a number of extra TLD's (such as .dot and .irc) and access to the generic top level domains and country top level domains.

The Internet Namespace Cooperation is run on technical cooperation instead of commerce and addition of domains into the root is on the base of a set of technical rules (mainly to ensure reliability).

I think this is the right way to create change: cooperate and offer an alternative.

The original poster was [mostly] right

[Hamhead]

First of all: It's 13 root servers, not 12

$ dig . ns |grep NS |grep -v \; |wc -l
13

NSI is really split into two beasts, the registrY and the registRAR.

The registRAR is the people who auction off old domain names.

The registrY is the people who maintain the gTLD servers, and only two of the root servers.

The root servers are maintained by:

A: NSI
B: ISI.EDU (California)
C: PSInet
D: UMD
E: NASA
F: ISC/NOMINUM
G: DOD/DISA
H: ARL (ARMY)
I: Univ Stockholm
J: NSI
K: London (LINX)
M: Tokyo University

Currently, the COM/NET/ORG are hosted on only a few root servers, namely, A, E, F, and G. There is currently a transition of moving COM/NET/ORG off of the root servers, onto gTLD servers.

These servers:
$ dig com. ns |grep NS |grep GTLD
(snipped)
K.GTLD-SERVERS.NET.
A.GTLD-SERVERS.NET.
M.GTLD-SERVERS.NET.
H.GTLD-SERVERS.NET.
C.GTLD-SERVERS.NET.
I.GTLD-SERVERS.NET.
F.GTLD-SERVERS.NET.
J.GTLD-SERVERS.NET.

All of the gtld servers are administrated by the NSI RegistrY.

And although the A server was once the master of the Root servers, it is no longer. The root servers use a stealth-primary (that would be one that you don't see) for distributing the root zone.

...And NSI does not control policy regarding the root servers, IANA does. If IANA told NSI to stop hosting all of the gtld servers by a certain date, NSI would cry, scream, kick ans wail (maybe even sue), but NSI would eventually have to give it up.

NSI does not control each of the root servers. If NSI told the root server operators to do a certain thing, like "All root servers must run NT", each individual root server operator could individually refuse to cooperate. (And I certainly hope that they would, NT is evil incarnate).

And while you're criticizing NSI, maybe you should look at the response time for the COM zone on all of the servers NSI administers. Depending on your connectivity, I haven't ever seen anything more than 100 ms -- Way better than the sucky E and G root servers, which regularly respond after 4000 ms. NSI is throwing a lot of money into making the gTLD servers more responsive, and accurate.

Re:The original poster was [mostly] right

[jackmama]

The most recent document I've seen about the makeup of the root servers is the Root Nameservers Year 2000 Statement from last July. Since I'm just plain lazy on a Sunday morning, care to point me to the docs related to the gtld servers?

My Suggested Solution:

[FFFish]

Part of the problem with the current DNS system is that the TLDs weren't developed with the idea that soon there'd be umpteen billion websites. None of the growth of the Internet was adequately planned for.

MY PROPOSAL:

The .com TLD goes to multinational companies, and can only be registered for their tradename and trademarks. They can only register domains for products (www.slimfast.com), trademarks (www.therealthing.com) and tradenames (www.exxon.com). If they don't own the words, they don't get to register them.

The country code TLDs go to big businesses with national registration. Same rules apply as for the .com domain.

The state/province domains go to small businesses, ones that are not nationally registered. Same rules as above.

City/county-specific domains go to businesses as well. This allows franchises and such to deal with their local community.

You can't register a name that's being used more broadly than your use of it: you can't get a state name if someone has the national registration.

This exactly matches the real-world rules for registering your business with the government. There can be no domain name conflicts, because the government doesn't allow real-world name conflicts. Where there are, the domain solution will exactly match the real-world, government/court solutions.

New TLDs are created for other uses.

A .xxx/.sex domain is needed, without a doubt. It's open for businesses and people, with no rules about names: you can register phrases, words, tradenames and trademarks that you own, what-have-you. No country/state/city codes are mandated. If you want them, you can have them (allowing www.goatsluts.redmond.wa.us to list prices for the locals).

The .org domain goes to registered non-profits. The big user groups and so on will have to get a bit more formal. Non-profits that operate as a business (Oxfam & such) will probably also want to register their .com/.cc domain.

International non-profits get a plain .org; national/state/provincial ones will be in the appropriate form of www.goatsluts.city.state.cc.

The naming rules of the .coms applies to .orgs.
Note that a lot of community groups (ARSTechnica, PlanetNameYourGame) are profitable ventures and would be registered as .com/.cc entities. If they want to the TLD entry, they'll have to provide proof of international business registrations!

Where do personal pages fit in? As sub-domains of a country code. I suggest www.goatsluts.personal.cc. There are no naming rules: you can use tradenames, trademarks, phrases, words, whatever. And, no, companies can't shut you down for using a trademark or tradename: the "personal" subdomain makes it very clear that this is *not* a business page.

I'm not stuck on naming it "personal," but it does have to make it clear that the page isn't a business-authorized one. An internationally-recognized word would be good.

ISPs will be responsible for not allowing business to be conducted on personal pages. No ad banners, no shopping carts, no promoting one's business.
The enforcement rule: if someone wants your domain name and discovers that you're doing business, they'll report you to your ISP, and you'll lose your domain.

Ergo, you *can* sneakily do business on a .personal.cc page, but you're at risk of losing it if you're successful. 'cause if you're successful, you should be a registered business (otherwise you take the far greater risk of having your ass nailed to the wall for tax evasion!)

And, of course, if you do business using someone's trademark or tradename, then you're going to get into hot legal water when they discover you.

Most registrations will be handled by the country represented by the .cc TLD, however they see fit (could be a government service; could be privatized; could be contracted to NSI, even).

The international domains will be handled by NSI.

The key advantage to all this is that it opens up the domain name space.

It sensibly restricts what names businesses can use, while opening up all possibilities for private users.

It eliminates camping: businesses own their trademarks/tradenames, and .personal users aren't going to cough up big bucks.

It recognizes that non-competing businesses (ie. businesses in different states/countries) may want to register the same name (and differentiates them by the .state.cc postfix).

It recognizes that big businesses own their names/marks, and that little businesses don't get to name themselves after a national/international business.

In short, it seems to work very well, and for that reason alone will probably never come to pass...

--

Re:My Suggested Solution:

[FFFish]

Whoops. One flaw: some trademarks are shared by companies.

In which case, they'll have to have a redirection web page. They can co-operate to list their homepage links on the homepage.

They'll have to argue about who gets top billing and so on, but what the hell.

--

Re:My Suggested Solution:

[FFFish]

A multinational company is registered for business trade in multiple countries. The guy in the Azores would require a branch office in the USA to be considered multinational.

Yes, the fansite is conducting business. The money that the owner of the site is making is supposed to be reported to the tax authorities, as it is considered income. The owner may wish to formally register it as a business, for the tax advantages.

Re: Slashdot, yes. It is a hassle, I know.

No, I don't plan to rape you. Yes, your associate program means that you are conducting business. If your tax authority finds out that you're not paying taxes on that money, you'll regret not having formally set it up as a business!

If you start tying flies, you'll probably get a www.lickmyfly.mytown.bs.cc domain; it'll probably be a state-registered business, not a nationally-registered one. Of course, if you never do any business, the tax authorities will be conducting a hostile investigation: they frown on businesses-as-a-tax-dodge.

The challenge you're having understanding/accepting my proposal is that you don't think you're doing business on your site, despite the fact that it's designed to make money for you.

I assure you, your tax authorities will penalize you if they find out. They expect you to report your income from your site, no matter how piddling the amount is.

You don't have to register your business (as long as you're doing business under your own name, with no extra bits of fluff attached to it), but this means you have to pay taxes at personal income taxation levels.

If your site is making you any decent amounts of money, it's worth spending the fifty-odd dollars it will cost you to get a business license. You'll then be able to write off some business expenses (the portion of your home used for business, ditto for electricity, hardware, travel, etc, and your hosting costs). You'll pay less tax.

Now, back to your flies. Sure, you might try to sell your flies on a .personal website. But if someone comes along and decides that they want the www.lickmyfly.personal.mytown.bb website, they'll have it: just whinge to your ISP that you're carrying on business, and you'll have lost it.

Oh, yah, that's some rough and tough and unfair.

But it solves a helluva lot more problems that it creates. Toe the line for the rules, and you don't get in trouble: register your business and you own the www.lickmyfly.bc.cc domain.

Find a friend in Australia who'll go in with you, set him up as a branch office, pay up the registration fees and you
can even have www.lickmyfly.com domain.

And your yearly AGM can be held on the beaches of Galapogos Island, and entirely written off as a business expense!

Now, let's hear your bright ideas.

--

Re:My Suggested Solution:

[Sly+Mongoose]

The .com TLD goes to multinational companies

What is a "multinational" company? If a guy has a one-man shop in the Azores but his website is located in Korea and he takes orders from people in the USA, does that make his business a "multinational"? Doesn't the WWW in escence make all companies "multinational"?

ISPs will be responsible for not allowing business to be conducted on personal pages.

Whose definition of the term "Conducting Business" will you use? Will a musical fan-site that has an
associate program with links to Amazon be considered a business?

Where do personal pages fit in? As sub-domains of a country code. I suggest www.goatsluts.personal.cc.

So "personal" sites are limited to country-level naming conventions? When Slashdot came online, was it immediately a multinational business thus allowing the use of the ".org" domains? Or should it have started as a "personal.us" site and then upgrade to an "org.us" and then change the domain again to a plain old ".org"?

My "personal" (or if you prefer, "vanity") site is already on the ".com" domain. Are you planning to rape me, steal my domain and make me re-register under "personal.bb"? I am involved in an associate program with CDnow and links to their site appear on myne. Should my ISP discontinue service, or just put my domain up for grabs? If I start tying fishing flies and offering them for sale, does that then allow me to retain the ".com" TLD? Or only ".com.bb"? Suppose nobody ever buys any of my $10,000 fishing flies. Does that mean I'm not really in business after all? Or just that I have a poor business model and have not yet gone bankrupt?

Re:I'd love to see such a system

[DarkClown]

Yet another idiot ..(snip). Sheesh, when will they stop letting idiots post on slashdot :)
Jon.
"Upon this rock I will build my church, and the gates of hell shall not prevail against it" -- Mathew 16, 17-18

Hi Christian.
Please forgive me for being less up to whatever the fuck you infer that I am an idiot for and about. Nice homepage, poopsie!

I'd love to see such a system

[DarkClown]

I just wonder if it would be possible to assert authority - what if nsi wanted to start using .music or something and a small segment of this 'pirate' system was already using it - wouldn't nsi be able to demand relinquishment of it with federally backed authority?

Re:I'd love to see such a system

[ScottyLad]

>>what if nsi wanted to start using .music or
>>something and a small segment of this 'pirate'
>>system was already using it - wouldn't nsi be
>>able to demand relinquishment of it with
>>federally backed authority?

Although the original suggestion was to empower the "ordinary" internet user, if the sole intention was to take power away from NSI, the movement would require substantial funding to cope with the inevitable lawsuits. If, however, you could convince a sector such as the porn industry to back you (.sex, .xxx .amateur) then their interest in acquiring new tld's outwith the control of NSI might just generate the funding required.

On a more practical note, supposing NSI themselves, or any other body decided to administer such a system on a seperate port exclusively for the porn industry, this would make a huge selling point for ISP's anxious to restrict access to "adult material". Assuming all porn sites moved to the new system, ISP's would be able to offer a "family service" which only allows access to the old system, and an "adult service" which allows you to view as much smut as you want. If such a system were in place, I'm sure it wouldn't be long before the US and UK governments passed legislation forcing the porn sites on to the new system, making lazy parenting easier as you could then rest in the knowledge that all your kids can find on the net is instructions on how to make parcel bombs.

Personally, I'd like to see a seperate tld administered and used exclusively by bona-fide programmers and hacks. Then at least those of us who wanted could have our own "nerds network" and go back to the good ol' days. Hell, we could even restrict "our" network to using only gopher - that would keep the newbies at bay!!

Would be interesting to see if any of this is feasible.

Re:I'd love to see such a system

[Jason+Straight]

Don't use . instead of .com, .org, .net, .edu, .music use , or something like www,domain,com

Re:I'd love to see such a system

[luckykaa]

Are you trying to convince people they should upgrade to Windows 2000 with your little time bomb? (they should)

Only if they have a damn fast machine and a lot memory and a huige wodge of free disk space.

Still, haven't had W2K crash yet after a few months. (Apart from when I was writing drivers.....)

Re:I'd love to see such a system

[bendude]

WHY CAN'T PEOPLE LINK ANYMORE?!?

...and on the topic...
Has anyone thought of getting off their asses and joining ICANN?

Re:I'd love to see such a system

[Roger_Wilco]

Maybe, but that's OK; so have it hosted in a different country, outside the reach of your oppressive government.

Re:I'd love to see such a system

[Kronovohr]

Hell, we could even restrict "our" network to using only gopher - that would keep the newbies at bay!!

Some of us already do something like that (:

Re:I'd love to see such a system

[aed]

I don't think this 'pirate' system will be officially recognized by nsi, so if they want to use a name already in use by the new system, they'll just use it anyway, even if that means some people won't be able to reach a part of the 'official' net. that'll be their problem then.

Can you say E-DNS

[poet]

I believe sombody already tried this. It was a system call edns and it had TLDs such as .web.

Re:No - keywords don't work

[sandler]

Take a look at Netword. They apparently have a patent on internet keywords. Says Netword CEO, "Netword invented Internet keywords..." (see here). They started out letting companies pay to have an English word go to their site. This is kind of like DNS, but much more commercial. Now, most common words seem to go to a directory listing by zip code, which is a nice feature, but it's a lot more like a local search engine than DNS. And besides, they claim to be the place for internet keywords, and even have a browser plug-in to make it like what you were saying, but have you ever heard of them? I didn't think so.

We should already know that you can't assume that a domain name will go where you think. Take, for example, The Pecan Grove Plantation community web site, which has very little to do with secure communication. This would also be true in any keyword system. It's not more logical or natural; it's still just a matter of who grabs the word first.

This is bound to fail...

[trims]

While a noble idea, there are several major reasons why you would never be able to get it accepted:

1. Court systems (in whichever country you are in) still exert juristiction. Moving to Sealand isn't going to help. While you (the new DNS people) may not have problems, people using your service still have to face liability in their country of origin. As long as the court systems seems to think that Domain Names are trademarkable, well, we're screwed.
2. You'd have to get the big players (most of the major ISPs) to go along. For legal reasons (see #1), this will never happen. So, if the people that provide 90% of the internet users capacity don't use you, what's the point?
3. As to this, there is currently AlterNIC. They don't have many of the problems we associate with the current system, but guess how successful they've been?
4. DNS requires a controlling entity. Distributed control isn't really a good idea. (Distributed operations are, though). The controlling entity needs to have some method for enforcing it's decisions, and whoops, that means it needs to derive authority from some legal method. Right now, I'm voting for a U.N.-sponsored organization that then delegates to national orgs. Honestly, I think international treaty is about the only way to go here.

In the end, however, you fall into the same trap virtually everyone does when attempting to "Reform" the DNS system. They make the assumption that names have connotation. That is, that there is some meaning to the name www.microsoft.com other than it's easier to remember than 207.46.130.149. The DNS system was designed, and SHOULD REMAIN simply a pneumonic (sp?) that makes life easier for machine identification. What we've loaded onto the DNS system is content location, something it's completely unsuitable for.

Fundamentally, I should NOT be typing in "www.microsoft.com" in IE if I want to look for Windows 98 crap. I should type in "Microsoft Windows 98". There should be no end-user mapping between content and DNS name. Content should be divorced from DNS completely, in the manner that DNS is divorced from IPs. Meta-searching and content discovery/cataloging need to be avanced to the point where honestly, the end-user should NEVER KNOW ABOUT URLs. Does then end-user know about IP addresses nowdays? No. Neither should they need to know about DNS names.

We need to fix cataloging and searching first, then the DNS problem will go away.

-Erik

Re:This is bound to fail...

[wfberg]

FYI authority for ccTLDs (country code top level domain names, such as .nl, .uk, .de etc.) is already delegated to the governments of the corresponding countries.

In fact, the .us domain has second level state domain names, such as dc.us, with third level cityname domain, such as washington.dc.us - the authority over these domains is delegated to whatever organization local authorities designate to exert it. It seems that almost nobody knows about the .us domain, especially not US citizens ;-)

For a exhaustive listing of ccTLDs and links to their registrars see the IANA ccTLD database

For .us domain delegations see the official United States domain registry

Note how beautifully hierarchical the .us construction is. Most ccTLDs (such as .nl) have a yucky flat namespace, just like .com

P.S.: it's spelled 'mnemonic', as in Johnny.

HTH, HAND

--

Re:This is bound to fail...

[Stinger]

Note how beautifully hierarchical the .us construction is. Most ccTLDs (such as .nl) have a yucky flat namespace, just like .com

This is wrong, _MOST_ country codes are actually nicely layed out, just _some_ like .nl, or .de are crappy and flat.

For examples of nicely layed out ccTLDs look at .nz or .uk or .jp or .th or .....

Re: This is bound to fail...

[mr.crutch]

Fundamentally, I should NOT be typing in "www.microsoft.com" in IE if I want to look for Windows 98 crap. I should type in "Microsoft Windows 98".

This is a good idea but it's already been tried. Remember RealNames? The problem with Real Names is that it makes it even more difficult to determine who has rights to certain phrases. Who decides who gets to use the various mnemonics like "Internet", "Books", "CD", or "Linux"? Too many of the sites on the internet cover very general topics. Using mneonics opens the WWW to even more corporatism and confusion.

Advanced searching doesn't offer much hope either for this problem. Searching really just abstracts the source away from the user. If I go to www.fbi.gov I can be relatively sure of the source of the information I am reading. This is of great benefit to the user. Using a meta-engine to push pages to the user without any real indication of the location of that page (anyone can create pages that look like official FBI pages) would undermine the few pockets of credibility that do exist on the web.

Sensible, fair, use of domain names is a lost cause. I shudder to think of the trouble that these new TLDs will bring...

Re:This is bound to fail...

[howman]

doesn't it make sence that US citizens don't know about their domain suffix .us? They would like to believe that .com .org, and .net are the US suffixes... and that .uk, .ca etc are just baby brothers to 'their' internet, feeding off what some American created...

Good idea, but if fails the legal test...

[trims]

OK, let's say we take your proposal, and create the World's Best Registrar(tm). We have lots of nice, end-user friendly policies, responsive customer service, and we don't screw people over. In short, the polar opposite of NSI. So, everyone hears about you, decides you're cool, and we all switch over to you.

Heck, you're so nice and cool, and we all trust you so much that you go and create a whole bunch of new TLDs. We like 'em, and use them wonderfully.

Everything is hunky dory up until the point where you decide to let someone other than Mr. Gates' company register microsoft.com. Or even microsoft.xxx. Suddenly, a whole passel of MS lawyers show up at your doorstep, and demand that they get back the microsoft.xxx domain, because, damnit, they own the trademark.

Guess what? You're going to have to give the name back to MS. The reason is the current interpretation of law. You, as the service provider, are responsible for following the law, and the law states that MS has the right to the microsoft.xxx domains. You have to comply. Sorry, no way out. This isn't just in the US, anymore, since WIPO decided to essentially impliment the US trademark-on-domains philosophy into internation trade law. So you can't move elsewhere.

Fundamentally, right now the boundaries are set up for what we can and cannot do on our own - certainly, there is a whole lot of room to improve over NSI (and I'm certainly moving my business from them to someone else), but the current legal atmosphere limits what policies you can put in place for domain registration.

-Erik

Re:Good idea, but if fails the legal test...

[barracg8]

A good example this in action:

Apple Computer do not have the domain www.apple.co.uk

It is owned by a UK graphics design company called Apple. They have a perfectly legitimate right to the name (but I bet it pisses Apple off a bit :P ).

Re:Good idea, but if fails the legal test...

[DeltaStorm]

Everything is hunky dory up until the point where you decide to let someone other than Mr. Gates' company register microsoft.com. Or even microsoft.xxx. Suddenly, a whole passel of MS lawyers show up at your doorstep, and demand that they get back the microsoft.xxx domain, because, damnit, they own the trademark.

How can you give back something you don't own unlike NSI the service wouldn't own the domain whoever registered it would so M$ would have to deal with them.

Re:Good idea, but if fails the legal test...

[NevDull]

It depends on what microsoft.xxx does.

If it's a parody site or the like, your statements are not necessarily true.

When you say "MS has the right to the microsoft.xxx" domains, you're only partially correct.

Trademarks are not universally valid within even the context of locality.

Cincinatti Microwave used to make a radar detector called the Escort.

Ford made a car called the Escort at the same time.

(I'm drawing a blank on the countless other examples because it's way too hot in here)

So... which gets Escort.com?

Cincinatti Microwave had the exclusive right to use the name Escort in the course of commerce related to radar detectors. Whistler couldn't have introduced a radar detector called the Escort.

However, Ford wasn't selling radar detectors. They were selling cars. Chevrolet couldn't have started selling Escorts after Ford had established their trademark, related to automobiles.

Look up old articles on the chevychase.com domain name dispute to see some interesting discussion of this topic.

Re:Different ports

[wik]

There's nothing fundamentally wrong with using both the current system and alternate. For instance, if you're looking up a .COM, .NET, .ORG or .EDU you'd have to end up looking at the old root servers and the authoritive DNS servers for that domain, anyway.

Alternic tried this back around 1996. Here's a link to a boardwatch article that discusses their system. It transparently handled regular Internic (now Network Solutions) requests as well as their own names/TLDs. They mentioned that you could get your own TLD for $98/year. How cool is that? :) I never actually tried changing my DNS servers over to theirs, just because it didn't seem to be catching on at all.

Already been done?

[PlazMatiC]

I'm positive I've seen something like this before. It can't have worked very well - I heard about it once and then nothing more

I've got no idea what is was called though );

Ah well

Kill domain names, use public keys..

[MikeFM]

The domain name system is about dead. So many hose beasts have bought up all the good names and aren't even using them and you have all that fighting over new TLD's as if they really even matter. The majority of people I've watched don't even understand domain names and URL's. They go to the search engine default of their browser and click'n'search from there or find sites out of their bookmarks.

Would be an interesting experiment to create a distributed system that used encryption keys to lookup the IP of the machine. This encryption code could be either for the machine itself or for a certain user on that machine. Once you located the machine you wanted to talk to you could send your public key to it encrypted by it's public key and then carry on secure communications from there. By this system even if you knew the machines IP you couldn't talk to it unless you also knew it's key. I'm sure it'd need a lot of ironing out but it might fix some of the problems and prepare for a Net that is much less centrally controlled such as peer-peer wireless internetworking.

Re:Yes -- and one opportunity we missed!

[tregoweth]

Of course, it isn't TOO LATE for this to happen, but there better be a central keyword registry or Netscape and Microsoft will fight with registries of their own. Fun fun fun.

You mean like Netscape's Internet Keywords and RealNames'/Microsoft's Internet Keywords? (M$ owns 20% of RN.) And, of course, AOL's keywords.

-j

Trademark workaround

[redhog]

Not to have problems with trademarks, such a new DNS database should not have the same chaos of TLDs as today. My proposal is, such a system should have a smaller set of TLDS, with subdomains and subsubdomains, for different categories of domains. Like *.linux.free.soft.comp for all linux-software sites, *.rel.phil.cult for religious sites, and so on. A company can not, in most countries, claim any right to their trademarked name when it is used in a totally different usage domain, like Apple can not claim any right to the Macintosh name of fruits.

--The knowledge that you are an idiot, is what distinguishes you from one.

.alt

[Nater]

Recently I read a comment comparing the DNS to Usenet on the basis of where the renegades end up. It basically said that the creators of Usenet had the foresight to create not only the top level newsgroup for "proper" discussion forums, but also the alt newsgroup where anything goes. To my knowledge no trademark infringement under the alt umbrella has ever been challenged in court, and due to the nature of that part of Usenet, I don't think it ever could be. It is well understood that alt. is no man's land and on that basis, a sufficiently talented attourny could convince a judge that a mark used under the alt newsgroup does not dilute a trademark due to that understanding.

By contrast, the DNS traps everyone into the .com, .net, .org, .edu, .int, .gov, .mil, and ISO country code domains and leaves no place for all those registrants who would more appropriately occupy a .alt domain. If the DNS had started out with a .alt domain that then became a well understood DMZ, we probably wouldn't have had the domain dispute problems that we've had without it. Adding a .alt TLD now may or may not alleviate the problem of excessive litigation, depending on whether net users at large can embrace the new domain's intent. In the beginning it would have been easier to get users to understand something like that.

As for usurping root service from NSI, it really depends on how widespread pirate DNS usage becomes before that first legal challenge. If the pirate DNS can proclaim loud and clear to all its users from the beginning that its subdomains are merely place names, like those found on a map, and can get a large portion of the Internet using its roots, then appropriate backing from organisations like FSF and EFF and such could get the courts to recognize domains as place names therefore nondiluting.

Funny...

[Sly+Mongoose]

When I posed this exact question to Slashdot a few weeks ago, it was not considered worthy of inclusion in the AskSlashdot list! :-/ Anyway...

I don't see any technical reason why this would not work. If an organization set up their own top-level servers, then all that would be needed would be to persuade other people (ISP's and such) to use them! They could define a whole bunch of new TLD's and fail-over to the current serrvers for TLD's like .com etc. Hopefully the organization in question would be a non-profit organization with an ethical policy about things like squatting, domain speculation, dispute resolution and the like. We are talking FreeDNS or OpenDNS!

Of course, I have no idea about the LEGAL hurdles that might surface, but if the top-level servers were in Sealand (for instance) what sort of legal action could be brought? Would the USA (as owners of the internet, thanks to inventor Al) pass laws making it illegal for people in the USA (and of course, other countries) from using the OpenDNS service?

Re:Yes -- and one opportunity we missed!

[Fizgig]

Oh, is that what those New Line ads were referring to when they said "Internet Keyword"? On some of the movie previews, at the end instead of a URL it said "AOL Keyword: Foo" and "Internet Keyword: Foo". I remember thinking, that was a neat preview but I have no idea how I'm supposed to get to that home page, since it didn't actually tell me what an "Internet Keyword" is.

run your own root dns -- Grass Roots Servers

[Skapare]

I put together a concept a few years ago where those whoe run (or want to run) their own DNS would simply set it up as a root server by being authoritative for the "." zone. Within that zone, they put in the TLDs they want, and reference the name servers where they want that TLD data to come from.

The idea came to me as a result of TLD wars between different people who wanted to be the authority over the same TLD and had even already accepted registrations in those TLDs. I thought about who really should decide who is the authority for a given TLD (a number of different groups were trying to emerge at the time to do that). My thought was that it should be the open market, the people, the grass roots.

Roots?

So I coined "Grass Roots Servers" to designate the idea that each individual operator of a DNS server can choose for themselves what TLDs and who supplies the data. If you wanted to let NSI be authority for .com then you can (and I did). But you wouldn't have to if you didn't want to. If you wanted to leave .xxx out for a religious oriented ISP, great. If you wanted to hook into an underground source for the .mp3 TLD zone (now what what could that possibly be for? :-) you could.

The big stumbling block I saw was the difficulty in building a complete "." zone and keeping it up to date (servers do change) without destroying your selections in the process. So I gathered up as much data as I could get at that time (it is now out of date a bit) and built a web page CGI that would let you choose from known sources and it would build a "." zone file for you. It would also provide a means to save a page with hidden input fields that would come back with your original selections so you could regenerate the zone file again from your selections and new data.

It's open sourced (you can download source and the old database at the bottom of the page) because I wanted there to be many sources of info about TLD sources, just to make sure no one entity could grab control.

It is still online at http://grs.ipal.net/ . I have not updated it. If there is interest, I can resume it, or you can grab the code and data and go for it yourself.

Re:Put it in the hands of a known agentcy

[Felinoid]

Why dose the best reply to my suggestion have to be the greatest argument against it.
Your right of course...

Yes I am

[Felinoid]

Whats there ever any doupt?

[Bet ya didn't expect THAT...]

*Maniacle laughter*

Put it in the hands of a known agentcy

[Felinoid]

If you put it in the hands of a known agentcy such as the Free Software Foundation then it would be out of reach of corprate intrests.

In my view RMS and the FSF are IDEAL for running such a system. The pre-existing contempt for all the elements that give rise to the current DNS situation means the FSF would not cave to corprate pressures. Not at all.. they would be stronger as then exist in a state of battle.

It's a whole mindset thing. Basicly they allready hold contempt for corprate mentality so when corprate mentality comes along with "Our way or no way" the reply is swift and automatic "Go To Hell".

Anyway it dosn't need to be the FSF.. as long as it's a known agentcy with similer addatudes. Or form a new agentcy with RMS, ESR, BP and a few other advocates at the head. As long as it's a "known" in that we know it will behave to the benifit of the net and not the benifit of corprate culture.

Re:Put it in the hands of a known agentcy

[jackmama]

I'm afraid the joke just wouldn't work with http://www.GNU/domainname.com, since the domain would be read as path-on-host then. I'm sorry the joke offended your technical sensibilities.

Re:Put it in the hands of a known agentcy

[jackmama]

Nooooooooo!

My god, if you put Stallman in charge, everything will be GNU://www.domainname.com.

Re:Put it in the hands of a known agentcy

[Eil]

You be troll. Shoo, shoo.

Re:Put it in the hands of a known agentcy

[jcs]

If you put Stallman in charge, there'd be no .com, only .org and .edu (and .net, assuming they were non-profit).

Re:Put it in the hands of a known agentcy

[-BeeWarlock-]

Hmmm... I'm sure mr. Stallman would have been an excellent boss for a such project, but you have to remember one thing: the fsf is about free software, and only free software. If you add an open dns system to the political goal of the fsf, it would be a crime against the people who believe in free software, but do not support an open dns system.

What I'm basically trying to say is, fsf has absolutely nothing to do with it. Because, if you believed in one of the things only, you would have to compromise if you wanted to support fsf.

Re:Put it in the hands of a known agentcy

[lpontiac]

Sorry. The trolls have been getting to me - I've lost my sense of humour by the third beer post. (At least the penis birds were only a few lines long).

Re:Put it in the hands of a known agentcy

[lpontiac]

Pffffttt. The format of a URL is protocol://hostname/path-on-host. The protocol:// portion of the URL has nothing to do with the DNS. Neither does the path-on-host for that matter.

For this reason I fail to find the above funny at all.

Re:Money talks.. take it to their competition!

[wesmills]

If you register a name through a competing registrar, you are still dealing with NSI, just once removed. Since NSI manages the a root server and the technical goodies that make the shared registration system work, they get a cut of your fees (+/- $9 per year, I believe). Also, since ICANN theoretically sets the policies for this sort of thing, you have to abide by ICANN's rules, as well as your registrar's, as well as NSI's, since all three are involved in the transaction.

The point here is not that you can or cannot register domains with different people. The point is that the NSI/ICANN/other-large-corporate-entities have determined that the Internet is a Good Way To Make Money(tm), so they're going to make damn sure it stays that way. Since they also like trademarks, they're gonna want to enforce those rules as well. Since new TLDs would allow others to possibly register their precious trademarks, they either want to not have or severly abridge the ability to register names under this space.

Ergo, in the opinion of a lot here, a totally unbiased third party (who is capable of telling Monied Interests to shove off) is needed to run the central list of names and ccTLD delegations.

--------------------

Remember alt.*

[Oliver]

As much as this sounds a inviting idea, it would not work without some degree of control. Look at what happened to the alt.* groups on Usenet. A lot us usefull stuff, but even more junk.

Re:Remember alt.*

[ameoba]

Think about the servers. There's alt.* newsgroups that haven't had posts in years that just won't go away. They're like an infestation... as long as they exist on one server, they'll eventually be everywhere again.

If you wanted to use a free-for-all/GNUTella scheme, problems would definately arise, aside from the excessive ammount of traffic that'd be generated (let's face it, GNUTella is not a model of efficient bandwidth use), you'd have a whole different set of problems of how you'd deal with keeping names current. If a machine moves, how long does it take for the new IP to get redistributed? Or worse, a machine disappears, when could somebody take the name over? When could the servers dump it from their databases (I can imagine these thing's get big).

Perhaps you could put an expiration on registrations, but how long would it last? If it's too short, the sending of keepalive signals would clog the already innefficient network; if it's too long, then it doesn't solve a problem.

And we can only imagine what kind of stuff the scriptkiddies would pull on this setup; flooding the network with bogus DNS assignments, reasigning DNSs, setting up rogue servers...

Of course, w/ IPv6 rolling out, who knows...

Why?

[mindstrm]

What's the problem? Why would you want to protect against it? People are free to use *ANY* lookup service they want.

The Internet does not = InterNIC + HTTP. It is what we make of it. DNS is just one protocol of the countless numbers we *could* be using.

Nothing.. *NOTHING* prevents, or dictates in *ANY* way that an ISP must use the global DNS system. THey just DO because it's the only one there, and because it seems to work for them.

The problem, of course, is that any 'pirate' (really bad term.. REALLY bad term.. it's not piracy in ANY sense) DNS system would have to get off the ground. That means ISP nameservers have to *chose* to use it. If they all chose to use it.. no problem. If they don't, it becomes useless.

I say the real answer is get off the whole damn DNS thing. It's just a tool to map IP addresses to names. How we've virtualized it and use it (abuse it) for things it wasn't intended for.
your web site will be *just* as good no matter what hte URL is.

Oh dear, oh dear, oh dear

[periscope]

What is slashdot coming to when we start to get these kind of stories posted? A few points:

Use of the word "pirate" is plain dumb

This alternative registration was tried with alternic - they're still going, but "in the end, there can be only one" if you see what I mean. We don't have 10 different phone books, instead, the cable companies and other telcos share one common directory service - this is how it _has_ to be for DNS to work.

"What I had in mind was a system that was totally open and free, anyone can register any domain name or TLD."

That's a nice FANTASY. Whilst I am one of the biggest supportors of FREEDOM in this day and age, you have to face it - maintaining DNS _costs money_. Someone ultimately has to pay. The current system has its faults, but whilst we still live an a backward, money centred world, someone has to foot the bill and the current system allows this.

"In order to keep this DNS from leaking into the old DNS, I guess the servers could run on different ports."

This guy needs a good LARTing. He's getting confused between domain registration and DNS. NSI (with whom the guy seems to have an unhealthy obsession) are just one of many ICANN "approved" domain registrars. They aint the only boat on the ocean and there are alternative registrars. DNS aint quite the same as name registration is it? :) Deciding to replace a perfectly excellent system with a "new" idea is the Microsoft way - DON'T DO IT.

"I also had in mind a modified version of the DNS protocol, where data could be distributed in a Gnutella or FreeNet fashion."

When I first read this guy's submission I almost hit the monitor, he clearly has NO IDEA how DNS actually works. DNS _is_ distributed. Ultimately YES, we do rely on a few root servers to occasionally be up to perform zone transfers, but in reality, the system is pretty damn distributed in nature. This guy is getting the non-distributed nature of the WEB and the distributed nature of the internet confused and has obviously noticed how easily twits like Cliff will post drivel given half a chance.

" However it would be vulnerable to spoofing and faking data. "

How about requiring authentication and known zone transfer lists? Oh...wait! WE ALREADY HAVE THIS - IT'S PART OF DNS! :)

"Another alternative would be to only use this system to add new TLD's and use the NSI DNS for .com, etc.. This would allow TLD's such as .god, .sucks or .anything-you-want to be set up without interfering with servers not recognizing this new DNS. This would avoid naming collisions with the old DNS. "

So go talk to ICANN and get yourself set up as the registrar for .god, .sucks or .anything-you-want - sheeeesh, this guy has NO IDEA how ANY of the technology ACTUALLY WORKS!!!

"My hope was that something built in this fashion would be controlled by the normaleveryday users of the Internet, not by corporations."

NO! Your hope was to get a load of drivelly crap posted on slashdot, and, once again, you suceeded. Someone remove Clif's posting auth, please.

Some idiot Moderator is going to think this is flamebait or somesuch - NO! It's an honest retort to the rediculous submission that was allowed in. I'll be talking to the poster separately about their need to learn how things already work before they try to break everything with their idiotic ideas.

--
Jon.

Re:Oh dear, oh dear, oh dear

[guinsu]

>That's a nice FANTASY. Whilst I am one of the biggest supportors of FREEDOM in this day and age, you have to face it - maintaining DNS _costs money_. Someone ultimately has to pay. The current system has its faults, but whilst we till live an a backward, money centred world, someone has to foot the bill and the current system allows this.

Yes it costs money when you have a centralized database and centralized root servers. It is not completely decentralized. Just like napster. However Gnutella is decentralized and no 1 server needs to be that powerful. That was my original idea.

>When I first read this guy's submission I almost hit the monitor, he clearly has NO IDEA how DNS actually works. DNS _is_ distributed. Ultimately YES, we do rely on a few root servers to occasionally be up to perform zone transfers, but in reality, the system is pretty damn distributed in nature. This guy is getting the non-distributed nature of the WEB and the distributed nature of the internet confused and has obviously noticed how easily twits like Cliff will post drivel given half a chance.

No, DNS is not completly decentralized, the root servers still get hit a lot and cost a lot of money as you mentioned. And yes, I have _some_ idea how the current system works. I'm proposing that a new system is built, even if it is radically different than the old one.

I was not talking about making something like Alternic, but something new with no central root servers. Obviously what I came up with in a few paragraphs is flawed, but I posted it to get constructive feedback, not flames. Anyway, I have set up a site for this at www.piratedns.org. Please only e-mail me if you have something constructuve to say, not this flaming "it will never work, your just dumb" crap.

Tim

Re:Already being done - Thanks for the link

[paled]

Hi.
I just grabbed good.beer [.xs2.net] for free for the first year. Call me a squatter, but if the right person asks for it with good intentions, I"d part with it in an hour ...

Re:Slashdot really posted this inaccurate crap.

[blaster]

No, I don't think you know what your talking about it. Usenet is one of the absolute worst examples you could use. It has a huge amount of data replication. It uses a huge amount of bandwidth. It requires an immense amount of disk space, and it wears out disks like almost nothing else (modern disks are better then those of a decade ago). Propogating authenticated changes is almost impossible (hence no gloabl remove post command), and consistancy is horrid (look at a thread with 100 posts, many ISPs will be missing some).

Another factor is that a large amount of transfer time is in the protocol negotiation and handshake, which you need to do thousands of times, instead of once. That definately adds time to everything. It would almost certainly be slower.

Stallman

[quux26]

And this is bad why? [grin]

My .02
Quux26

'Pirate' DNS?

[LocalH]

What the hell is 'pirate' DNS? You mean to say that running your own root DNS server(s) is in any way similar to pillaging ships on the high seas? You, sir, are on crack.
_______
Scott Jones
Newscast Director / ABC19 WKPT
Commodore 64 Democoder

That is seriously bogus!

[TheDullBlade]

Hacking up a DNS to make things go to where some local bigwig thinks they should go, rather than the registered site, is very bad policy.

Sure, it seems harmless on the surface, but breaking the basic URL mechanism could have unforeseen effects.

What if someone wrote an article about how wrong it is for porn sites to grab hits (likely from minors as not) from mistyped URLs? What if they used the whitehouse.gov/whitehouse.com thing as an example? Anywhere it was remapped so both go to the .gov site, they wouldn't understand what the article was talking about.

BTW, I doubt you could get sued by whitehouse.com. They don't have any higher trademark claim to the domain than the US government does.

A blatant and libellous falsehood!

[TheDullBlade]

He wouldn't mess with the protocol! He's not that kind of egomaniac!

It would, of course, be: http://fsf.www.emacs.domainname.lignux.com.gnu.is. not.unix.stallman

Re:Already being done

[Billy+Donahue]

Name.Space kicks ass...
They won't anyone register a TLD...
In fact a TLD (.art, .media, .software)
has to be totally generic, and there has
to be some popular demand before they'll add it..
Anyway, the DNS chokehold is going to be
broken sooner rather than later... ICANN isn't
going to do it for you (obviously)...

So you can sit at home reading Slashdot all day
and hope it gets better (good luck),
or you can DO SOMETHING and support a cool,
serious alternative like Name.Space...
They've got the infrastructure working today,
and everytime I read a what-if post
about "starting our own alternative geek-DNS system" I feel like shouting at my computer
because this is exactly what Name.Space is
doing..

Re:A strange thought...

[Dom]

So I go out to IRC and spam everyone to change their nameservers to point to the new root name server instead of the internic one. A few might be unwilling, a few might be confused, but the great mass of users will jump at the chance.

What's with the assumption there? I certainly wouldn't touch a DNS server that some random person told me about on IRC! The fact is, that by using the "official" servers I can pretty much guarantee that when people give me a URL or machine name that I will be able to successfully look it up; if I've using your rogue service, I could get anything. And I think that quite a few of the users of your ISP would cotton onto this as well.

Re:Yes -- and one opportunity we missed!

[AtariDatacenter]

The difference between a keyword and a DNS lookup would be that a keyword does NOT end in ".com" or ".anything". The browser would use the fact that the user had typed in a location that did not use domains as its hint to look it up in a keyword database. The keyword database is like DNS in some respects, but would be a totally different protocol.

BTW... why the hell did someone give me original posting the rating of "flamebait"?!?

Re:Yes -- and one opportunity we missed!

[AtariDatacenter]

Probably because they thought it was a stupid idea? You wouldn't want to have a centralized database at netscape.com or microsoft.com because then that would be a single point of failure for the WHOLE WORLD!

What, you mean that Microsoft and Netscape aren't smart enough to set up their proprietary databases in a decentralized manner? In any case, that was the WORSE CHOICE. The best choice is that a third party runs the keyword database.

Who would be linked to the keyword "microsoft"? Would that be Microsoft Corporation, or a web page of "Microsoft Monopoly Practices"? Kind of like, who would be linked to "microsoft.com" or "microsoftmonopoly.com"? A keyword system would face the same challenges as the current DNS system does. But it should would be nicer if it was controlled by an open body.

Yes -- and one opportunity we missed!

[AtariDatacenter]

Yes, you could have a new DNS server with completely alternate TLDs that won't interfere with the existing system. But you'd have to be careful to steer clear of the way they are currently going with TLDs. A DNS server would point to the alternate root, which would return entries for the alternate domains, then pass along all others to the standard Internet root server. Or you could get nasty and pre-empt existing domains, but I don't think that'd be popular.

I mentioned a "missed opportunity" in the subject. Here's what it was. We had a chance to completely BYPASS the entire DNS crap years ago. Where? At the web browser itself. Now, I'm going to use a word that a number of people won't like, and that's "keywords". What if in Netscape, when someone typed in "glorious shoes", it didn't try to DNS it, or search engine it, but to look it up at a keyword registry site? (Sure, okay, its a little too close to AOL for some.) But the idea is to put the power of name lookups into the browser itself, bypassing the DNS mechanism. If this would have been done, NetSol would have been somewhat moot. (But then again, we could have created a new monster.)

Of course, it isn't TOO LATE for this to happen, but there better be a central keyword registry or Netscape and Microsoft will fight with registries of their own. Fun fun fun.

BTW... if someone can pull off this idea, they can become a VERY VERY rich person. If this becomes the case, please hire me. :)

Re:Yes -- and one opportunity we missed!

[jackmama]

Hrm, so your missed opportunity was actually a method which would have effectively worked for only the web? I can't say that we missed much.

Re:Yes -- and one opportunity we missed!

[TheGeek]

It blows.

What good are internet keywords that cost you money to register (and then we have the same problem as we do with .com names). Basically all this is, is a search engine that costs you $$ to submit your site to.
TheGeek

Re:Yes -- and one opportunity we missed!

[java.bean]

Yup, only on Slashdot is Probably because they thought it was a stupid idea? == flamebait. Sigh.

--jb

Re:Yes -- and one opportunity we missed!

[fwr]

Probably because they thought it was a stupid idea? You wouldn't want to have a centralized database at netscape.com or microsoft.com because then that would be a single point of failure for the WHOLE WORLD! You would definately want it distributed, and I suppose you could just have second level "keyword name servers" (KNS) located around the world that simply had a copy of the main database. But you'd still have humongous problems. Who would be linked to the keyword "microsoft"? Would that be Microsoft Corporation, or a web page of "Microsoft Monopoly Practices"? Would a list be popped up that let the user choose which site they wanted? If so, how would URL's work? Would the user get a hundred popups for each jpg or URL link in a web page to confirm that they wanted the first location instead of the second? If a list wasn't popped up we would still have the problems we have now with people fighting over "ownership" of domain names. No, that wouldn't work as a replacement for DNS.

However, there is a company that uses keywords, or something like it but I forget what they call it. It hasn't caught on much, and it's only for the first "lookup" when you type something in the location field and hit enter. It's not a replacement for DNS, rather just a shortcut mechanism so that you could type in microsoft instead of www.microsoft.com. Then again, there's nothing to stop a web browser from looking up www.xxx.yyy where xxx is what you type in the location field and yyy is a list of most common TLD's. This would result in basically the same functioning of the "keyword" system this company sells without the cost...

Re:Yes -- and one opportunity we missed!

[Cinquero]

Keyword lookup? That's exactly the same as DN lookups. Maybe there are more rules to Domain Names, but the same problems would occur. That's for sure. But if you use _a complete database_ instead of just single keywords (like Yahoo's directory), that could work. Browsers would need to have a small and efficient database interface implemented into the location bar to do that, browsable like Yahoo or any other directory, but of course a lot faster. If you want to go to IBM's website you could either just type in 'IBM' and the browser could check what sites you have visited shirtly match best or you could select the business section, the computers, then manufacturers and then IBM or so. I don't see a problem here (except for the implementation), only advantages.

Re:Yes -- and one opportunity we missed!

[logiceight]

This is already being worked on, check out RealNames

This works with internet explorer and several search engines.

Re:Yes -- and one opportunity we missed!

[Unhappy+Windows+User]

Win2k's version of *cough*Internet Explorer*cough* uses such a system from a company called RealNames, who, in turn, makes the companies whose names appear on the register pay through the nose.

"Innovate": to embrace, extend and extinguish

A strange thought...

[Restil]

just occurred to me (probably due to lack of sleep). Imagine that a service similar to internic was established (I could do it, I got a spare 486 around here somewhere) that acts as a root domain server. I point my nameserver at it to feed me addresses. The root nameserver will check its own databases first and if it doesn't find a match, it will then query the internic root domain servers. This would allow me to use microsoft.com or any other domain that has already been taken.

Obviously, this has limited use when there's only one person using it, but nobody is FORCED to use the primary internic root nameservers like everybody does. A nameserver could use ANY root nameserver it liked.

Lets say I run a small isp, something around the size of AOL. I set up my nameservers to use the alternate root nameserver (still using the 486 of course). Then I decide that I don't like microsoft (can't think of any reasons at the moment, but I'll worry about that later). I therefore "register" microsoft.com on my root nameserver and now all the 18 million users using my isp will see the NEW microsoft.com. Microsoft still owns microsoft.com. The original microsoft.com site is very much in the same place it always was. Every other user on the internet is able to access it directly. But not my users. My users see a glimmer of a gentler, kinder microsoft. Perhaps a microsoft that promotes linux.

Microsoft will eventually catch wind of this.... maybe one of their employees prefers my isp over MSN and notices that the microsoft homepage looks funny, and reports it. After several multimillion dollar lawsuits against internic, they'll eventually discover that all my users are not using internic, but a different name service provider. Microsoft is not pleased. They want microsoft.com.

But they already HAVE microsoft.com, and despite the fact that they are now in debt greater than the US government, internic insists they STILL have it. At least the lawyers are happy. Microsoft attempts to get us to fix our problem, but our name service provider doesn't conform to any federal regulation. Nobody is forced to use my service any more than a user is forced to use windows on a PC. Of course, my 18 million users might start leaving in droves if they discover that I've been deceiving them all along, but then again... an internet without Microsoft... worse things could happen.

Lets say that all the microsoft lawyers go on a 6 month vacation and therefore microsoft doesnt' press any legal agenda toward reclaiming their domain from us for a while. I decide to set up another top level domain (.mine) for my personal name service. This way, someone can access microsoft.com.mine to get to the microsoft.com that I provide from outside of my isp service. This means that everyone on the internet now can access my domains even if they don't want to use my name service exclusively. (Its starting to look as if I might have to upgrade that 486).

But why SHOULDN'T they use my name service over internic's? After all, its just as good. So I go out to IRC and spam everyone to change their nameservers to point to the new root name server instead of the internic one. A few might be unwilling, a few might be confused, but the great mass of users will jump at the chance. I can also send out a large number of emails to all the isp's to use my name service instead of internic's. Promote the advanced technology of the 486 over whatever it is that internic is using. Chances are, it won't be too much of a stretch. Once I have a significant portion of the internet using my root domain servers, microsoft will gradually disappear from the web, and nobody would be the wiser. Oh sure, the news will be blasting it out to everyone every hour of every day, but ILOVEYOU and MELISSA were able to spread despite massive news reports, so I can't see how it will make any difference.

Internic was established to provide a single source of name service and was regulated by the government (to some extent) to provide those names. However, I know of no law which forces me to use them as my root nameserver, nor do I know of any law that forces me to provide customers with internic root name server access.

I'm sure I'm missing some key points in trademark law which would bite me in the ass before I got too far with this. But someone with the time and the resources could pull this off on a small scale and get away with it for a while and depending on how the laws work wherever that company is..... it might be viable. But with only a single 486.... very VERY slow.

-Restil

Re:A strange thought...

[Money__]

Re:" .. kind of makes you wonder how many "features" in software or computers in general were developed by somebody who was about to zonk out from over-caffination riding over pure exhaustion."

VBS ? ;)
___

Re:A strange thought...

[ChadM]

that's actually not a bad idea, but it wouldn't work on a large scale. it'd be funny to play around with for a few people i guess but it probably wouldn't catch on any further than that. i think i had an idea like this once(also in the hour just before i pass out from lack of sleep). kind of makes you wonder how many "features" in software or computers in general were developed by somebody who was about to zonk out from over-caffination riding over pure exhaustion

Re:A strange thought...

[ZhuLien]

Why not someone write a new browser (or perhaps modify mozilla) to automatically understand a new type of URL, ie: instead of HTTP://www.microsoft.com COOLWEB://www.microsoft.com Whenever this new URL format is clicked on by the browser, the browser will lookup somehow the mapping between this COOLWEB URL and the HTTP URL and redirect it automatically without the user knowing about the redirection. This would be just another layer in the same way current domain names map to IP addresses. There is also no reason why a newstyle domain name needs to be formated in a technically minded way as currently is either. We could have COOLWEB://I hate microsoft alot and point it to http://www.microsoft.com If enough websites eventually were to use the newstyle URLs and the browser was good enough then the world would adopt it. btw - I have a sort-of working webbrowser that was intended to do the above, but it is by far not stable and written in VB (and needs to be rewritten in another language to support threadding properly). It is called GODBrower :) It can also browse websites in a windows explorer fashion to make downloading pictures etc a breeze.

Re:A strange thought...

[NevDull]

Yeah... who needs to be able to use standardized calls like gethostbyname() anyway?

Yes, it could be done.

No, it's not a good idea.

Re:Truly Off Topic

[Sea++]

That's truly scary!

This is already happening on small scale

[zmooc]

I already see more and more people running their own DNS services with fake names. It's just a matter of setting up a common pirate root dns system and letting the pirates use those.

Spammy is already doing this, for different reason

[Grand+Facade]

opening multiple accounts with IP# only, they then do their own DNS to point to the website on the IP account. When the IP account gets nuked they switch the DNS to the next IP acount (mirror website) so it can be accessed with the same URL thus getting more mileage from their spamvertised URLs. Bastards

Screw NSI, they suck
Use Joker you will be much happier.......

Re:If the new system were subject to popular contr

[supernaut]

3. For the cases when the majority gets disgruntled by monopolistic practices, or when companies don't bow to popular pressure to open up (e.g. ebay or icq), or for the cases when the community can build a better replacement for a site that's holding back the natural development of internet for the sole purpose of making billions, we reserve the right to revoke any domain name with a popular referendum a la USENET

Yes, however, with the size of the web, and the DNS system, Im afraid that Mark Twain's eerie words would come to bear:

"If you want to make sure nothing gets done, form a committee. "

I think it would be hard to garner a clear and concise 'majority' with the population of the net. Especially when you would consider the fact that you might have alot of factions, each with an axe to grind over this and that.

While I favor doing *something* about NSI, somehow, I dont think putting it *all* into the hands of the net community at large is a wise idea.

5. People may not rent, sell or delegate any of their decision-making powers, and the new DNS shall remain forever under popular democratic control

This is a nice idea. But, not very feasable. The quickest way to get someone to do something, is tell them not to do it. In addition, such a policy would most likely be riddled with loopholes. Not to mention, how in god's name would such a policy even be enforced? Granted, I would find it difficult to believe that someone like bill gates could get a world majority of people to vote his way, either thru rent/bribe/payoff.......but, still, even if they did, this idea is wholly unfeasable.

hehe, now THAT's funny

[linuxmop]

gotta love it: Only 10 years later do we discover that Dork is actually a replicant.

Many problems, not one solution

[werdna]

While I agree that the present primacy of NSI over .com, .org and .edu raises several problems, it is important to note from where NSI obtains its authority, and seat the blame appropriately. This solution may work itself out in time, once there is a non-NSI infrastructure capable of picking up the registry slack. Outfits like register.com are proof that sound competition is possible.

Now the trademark issues do not derive from NSI itself (although certainly some of them do), but from the tradmark laws, really stupid special-purpose legislation (the cybersquatting bill) and from limitations of the technology itself. Eliminating NSI from the mix would change none of these things.

The fact of the matter is that it is unlawful to use a mark in violation of trademark laws. Mere registration is not, by itself, an infringement, subsequent use of that registration will be. It doesn't matter who is registrar for the domain names -- the lawsuits will ensue. The anticybersquatter act further ensures this.

The problem is not with the law, either. Trademark law has developed reasonably over the centuries, and can readily cater to plural persons being able to use the identical mark. (ABC for a TV network, an unrelated pizza chain, an unrelated chain of liquor stores and countless garages and other small businesses; AAA for everything, and Acme for everything).

The difficulty derives from the fact that unlike a telephone listing, a domain name is unique. This doesn't have to be, although it is very convenient to have it be so, and technology could evolve, and maybe should evolve to permit plural acme.com's. See, e.g., an old white paper I wrote about five years ago on possible alternatives.

But the bottom line is this: NSI overreaches regularly, only because they can. They can only because NSF lets them, which it does because no one else was ready to step up to bat last time it was time to renew a contract. This is changing as we speak. And competitive registrars will probably intervene to protect their territory and prevent further overreaching, at least to some extent.

I see no reason to believe that another registrar, however well-meaning, will be better or worse than the status quo, absent a uniform set of black-and-white rules enforced by a meaningful authority.

Anarchy will make the problem worse, much worse, and not any better. Further, fear of the consequences of such anarchy will preclude the necessary critical mass to build to make the new top level domains possible.

I think we should rely on, and exploit, existing processes to hold NSI in check. This requires some patience, and perhaps the creation of some new technologies, but it can work. Other solutions proposed thus far seem only to introduce new problems, and probably no real new benefits.

Re:Decentralization=Good, and Bad

[catfood]

Rumor has it that someone even came up with the idea of giving each state/local province their extension, (so North Carolina would have the extension of www.*****.ncs.us...

Some rumor you got there. Maybe you should check with the people who have run, for example, state.oh.us for years now. It's been done.

If you want to set up your own namespace, it is perfectly simple. ML.ORG did it years ago, and shut down only because it was getting difficult to provide as a free service.

Been there, done that, got the t-shirt

[tigress]

This thing has been done already. Even the .god TLD has been done. There's EVEN been news stories about that (I don't know the URLs since it was a while ago, but I beleive CNN carried it).

Where are those now?

Sorry, but the established DNS network is there for a reason. Guess why? =)

The Alternic Model

[cameldrv]

Well, despite what some of the other posters have said, I don't think that IANA ultimately has as much power as is claimed. Ultimately, as the saying goes, possesion is 9/10 of the law, and the ultimate reason that you get NSI's database when you type in the address at the top of your browser is this: You query your ISP probably, who is probably running BIND, which has a list of IP addresses for root servers, the first of which being the A root server, which NSI has direct control over.

The way to get your alternic style system implemented is to convince Paul Vixie, who can put your addresses by default into new versions of BIND. If Alternic had been able to do this, they wouldn't have had to convince ISPs one at a time to change their configuration, it would have already been there.

open root server confederation

[Oniros]

Isn't it what the open root server confederation is about?

This would actually be relatively easy to do

[sgml4kids]

If a group (of, say, 12 sites) created their own root name servers that contained the records for the delegated TLDs from the root servers, you would have at least the beginnings of the system you are advocating. I don't think that ISPs would have many objections to using these "alternative" root name servers since they wouldn't have to pay the registration fees anymore.

This could be done quite transparently. Whatever group (the FSF or whoever) is co-ordinating this could then introduce new DNS record types or drop the BIND architecture completely.

Everyone is missing the whole idea

[Jason+Straight]

Everyone is whining about how it wouldn't work because NSI would sue, or they would have to use different tld's. WTF?

The whole point to this would be to use newer better ideas and technology that wouldn't be so controllable by any 1 entity. What you are saying is like "Let's make a new OS, but how can we call it windows without getting sued?"

Well, you don't call it windows, because it isn't. You make a better model, like linux.

With NSI you don't stick to using bind and their root servers, if you want to protect the scheme of it you need to write either custom bind type software or a patch so bind will look at the new DNS rootservers and be able to handle the new custom data.

Don't worry about having .com .org .sex .music or whatever NSI might do, look at the pattern and chose something that is nowhere near what they will use.

If wer are re writing DNS and the rootserver we can change anything. It doesn't have to be .anything. We could do .-com .-net or something different from nsi

As for gnutella I don't think that's the way to go. Granted it keeps the power out of 1 persons hands but puts it into everyone elses. Any damn script kiddie out there could be taking down large sections of the internet by putting false info in there. There would have to be some kind of md5 checksum taking place between differnt servers on any given check.

I just wouldn't want to think what even 1 person could do if they hijacked a domain on their distributed DNS server (gnutella like). And took over something like ebay or citibank, then 50 people out there get a tainted entry for that domain and pass it on to 50 more each. ouch.

Re:Don't forget the great uncleaned masses

[quonsar]

When I caught him going to Yahoo first and typing www.amazon.com, it opened my eyes. I've since learned that very many people use portals and indexed catalogues as namespace locators, even using them as URL entry forms.

My mind still boggles at this. I have a web hosting client, an attorney who is a bright guy. A while back he registered several related domain names and I pointed them at his site.

About two weeks later, he calls me and he's pissed, claiming I haven't done the job he's paying me to do! The domains don't come up, he complains. But they do! Just type it in your browser, I say. In frustration, I have him describe EVERY step he is taking, and discover that this is EXACTLY what he does, everytime - he goes to Yahoo! and types into the search field.

I am dumbstruck! This makes as much sense to me as putting on pants to take a shit! And this horrible glimpse of another reality dawns and hits me square in the face - he totally lacks distinctions with regard to technology. In fact, in a very real sense, technology=computer=internet for him, no distinctions. He doesn't distinguish the Yahoo! document from the browser it is displayed in from the OS running the browser from the machine running the OS. He can't. Not because he's stupid. He's never needed to. Or known he could. Now considering all of that, he has still managed to make this web shit useful for himself. Confronted with an undistinguished jumble of computer, monitor, browser, preset home page and a lot of text, he DOES distinguish the button labelled "Search", and it produces useful results for him. And it has worked quite well for many months. Until something he wanted couldn't possibly exist yet in the search engines. And he, in the year 2K, is a veritable technogeek compared to most of the population.

But the most stunning aspect of this was what it said about me! About the assumptions I make everywhere: in performing services for people, in delivering information to people, in my day to day conversations with people around me. About how very, very different the same thing can appear, depending on who is doing the perceiving.

"I will gladly pay you today, sir, and eat up

On a PRIVATE network???

[SvnLyrBrto]

IANAL... are you?

But I can't help but think that this is more a matter of typical micro$oft "we're gonna sue you into oblivion if you don't follow the word of bill" than actual law.

For instance... an example from real life...

When I was still in school I was on the admin team for the UNIX network. Now, at one point while I worked there, some drone from one of the pedantic majors (future marketdroid or mba type I think) went looking for information on the US goverment, and surfed over to... you guessed it: whitehouse.com. Well, little miss anal-retentive promptly threw a fit and complained to everyone who would listen... including a nasty letter to the school president. Eventually the order came down from somewhere above: We were to redirect whitehouse.com to whitehouse.gov in our DNS. We did, leaving a easy to exploit way to get to the real whitehouse.gov if anyone cared... as the OFFICIAL policy was not to censor net access (this was well BEFORE the RIAA began harassing schools to block napster).

So, were we, therefore, in violation of the law, for changing DNS on our own PRIVATE network (at a private school, not a state one)? Could whitehouse.com, had they gotten word of it, sued us over the remapping AND WON????

At home, I have microsoft.com remapped to www.kmfms.com so if any of the two other people who have access to these boxen suddenly become drones, they will be sent to a place they can get help. It is ILLEGAL, to change DNS???? On my own PRIVATE network???

That seeme totally idiotic to me, if it is true.

john
Resistance is NOT futile!!!

Haiku:
I am not a drone.
Remove the collective if

In the beginning....

[jaypifer]

I think an excellent way to begin would be:

1) Set up your private DNS server that accepted the new domain names. 2) Offer users the ability to use that server as their own. 3) If that server doesn't have the domain name in its database then it will route people to the "normal" TLD's.

This will allow those who want to use the new system to use it and to get routed to any domain and to supercede microsoft.com if someone chose to. If the name doesn't appear on our private DNS server then we get routed via the standard means.

If a rule (guideline) were in place that we not use .com, .org, .net, etc. then no overlapping would occur (as the TLD's stand today).

-jp

We can have a free www

[DerMarlboro]

We really can have a free world wide web (the way it used to be). Remember all those little banners you used to see a couple years back? "Corporate Web Sites Kill The Internet Dead" I thought the loonies who posted those at that time were paranoid. But they were 100% right. It's happening. Witness the multi-billion dollar corporations bullying private citizens and shaking them down for domain names. It's sick. But how can we stop the big money folks from destroying the new (let's call it FreeDNS) naming service?

We look to GNU and its GPL. That powerful license has kept free software free up until now. The basis of free software is "you're free to play with us, but if you do, you must play by our rules". The GPL says that if you want to use our GNU software, you may, but then you have to play by the rules in this license.

Imagine a contract for new domain name registrants. It will have them agree to play fair if they're going to play. Here's a sample of what I'm thinking of.

FreeDNS terms of service:

1) By registering a domain name with the FreeDNS service, I am agreeing to adhere to any and all terms in this FreeDNS terms of service contract. Where there is a discrepency between this and any other contract, this, the FreeDNS terms of service contract, shall take precendence.

2) By registering a domain name with FreeDNS, I agree to not challenge at any time the ownership of any FreeDNS domain name, neither existing domain names, nor domain names yet to be registered. I agree that any domain name registered by any person or organization containing any of my trademarks or other intellectual property.

3) I understand that if I ever do challenge, civilly or criminally, any domain name held by any other person, I forfeit my rights to participate in FreeDNS. Although I may legally prevent others from using my trademarks and other intellectual property in FreeDNS domain names, I understand that this shall preclude me from participating in FreeDNS.

4) By registering a domain name with FreeDNS, I am relinquishing any domain names such that I have gained control of through civil or criminal prosecution, or through legal settlements, or by coersion via threats of civil or criminal suits, to their previous owners.

5) By registering a domain name with FreeDNS, I am agreeing never to sell any FreeDNS domain name to another party for any fee or in exchange for any good or service or favor of any sort. I understand that any transaction is invalid, and such a transaction puts the sold domain name into the pool of registerable domain names. If it is discovered at any time that I sold a FreeDNS domain name, I make myself liable for any and all damages arising from the breach of this contract.

6) I agree that failure to adhere absolutely to this contract voids any and all FreeDNS domain name registrations that I hold, and that they shall return to the pool of registerable domains.

This does a few different things (and IANAL, so obviously, this would have to be beefed up by a real attorney). First, it says that if you want to participate in FreeDNS, then you can't try to take anyone else's domain name for any reason. If you choose not to participate, then you can sue to have, for example, microsoft.sux removed from use and removed from the pool of registerable domain names. However, if your company, for example, microsoft decides that it DOES want to participate, it will have to give back any siezed domains and play nice. So if my company, DerMarlboro Enterprises, registers dermarlboro.com, and some yahoo registers dermarlboro.sux or dermarlborosucks.com, I can't challenge that, and I can't even threaten the registrants of those names or else I will lose my right to participate. Plus, sale of domain names voids them, and voids all other domain name registrations by the seller, so the motivation to cybersquat is removed. You can't sell it. If you try, someone else can get it for free.

Personally, I think it should have been done this way to begin with. But when nameservice first appeared, who would have imagined the friendly bearded sysadmins who owned the domains SUEING one another because one owns sysadmin.com, and the other registers sysadmins.com? It turns out to be true. Corporate web sites really do kill the internet dead.

Re:NOT Flamebait

[TheGeek]

I agree. But I'll get moderated down for agreeing. That's what Slashdot is all about.

Have you Meta-Moderated today?

TheGeek

Re:Already being done

[TheGeek]

1. They charge a $30/yr fee, which sucks.
2. They still have the 26 character limit.
3. This is not going to work either until you don't have to change your DNS (and do you really want some unknown company seeing that your IP address has hit 97% of the .perversion domains it has registered).

Coud someone who really knows their stuff explain completely how my copy of Netscape goes out and finds a domain? What happens if I type www.adomainishere.blarg? Does it check the root servers for the administrative server for .blarg domains, or does netscape balk at that?

TheGeek

Re:Already being done

[TheGeek]

That's very useful, thanks.

So...all that needs to be done is to get the root servers to learn who is authoritive for the .blarg domain, and .blarg would exist...Now, since earlier in the posts, it turns out that ICANN now controls the root servers instead of NSI, we can safely say that pushing ICANN to increase the number of TLDs is the right way to go.

Now understandably, ICANN moves slower than Alan Cox installing Win2k server, so maybe it's time for a petition with teeth? (As in: I want the TLDs ASAP, or I'm going to start my own TLD)...if there are enough signatures, they will have to implement them sooner rather than later. The implementation should not be that hard from a technical standpoint, should it?

TheGeek

Geographic domain names

[fwr]

It's already there. Havn't you noticed some sites end in .uk for Great Britian, or .au for Australia? Or how about good 'ol .us for the United States of America? I know at least the .us domain is broken down further, with a sub-domain for each state. So I could get an address in .ga.us since I'm in Georgia. Haven't looked further, but I'd assume it wouldn't be too difficult for your local town to be able to get a sub-domain in their state domain, so you might have altanta.ga.us, and then you could get a domain in that, like nutcase.atlanta.ga.us.

Re:Geographic domain names

[Cinquero]

Nobody is forced to use them. Point. Therefore they are totally senseless because the legalities remain.

Needs

[Keefesis]

This is a great idea, we need to cataylist it forward. We'll need to make a website & other crap, I'll test the winnt clients :)

Mmmmm....

[kuroineko]

It's probably possible to create an alternative
DNS, but think about resources and skills required
to run a distributed database of this kind. Not a
trivial thing.
However, some uneducated wannabees try hard to
find their way to easy money of the Net. Yes, I
mean newly sprung FreeNet, these guys seem to be
absolutely ignorant about a neat lil thing, called
URL, save for primary keys or another unique
IDs in distributed enviroment.
Everything has its cost. Although alternative DNS
could be considered an idea to brainstorm just for
fun, to keep the heads busy, the feasibility of
such a system seems very questionable IMHO.

NSI wants to see other new tlds

[rs79]

NSI is under contractual obligation by the US government NOT to add new tlds outsuide the bullshit ICANN process. I have done work for them if if they had their way they'd add new tlds in a hot second. Their reasoning is they can make lots of money selling registrations into new tlds no matter who runs the actual registry.

New TLDs outside the "system" - redux

[rs79]

I'm glad to see an inreased awareness and interest in domain names "outside" the "system". The "system" of course being the horribly inept and corrupt ICANN process.

The DNS landscape is littered with aborted attempts to do this: Alternic, EDNS, uDNS and other good ideas that turnd sour. As of today the only efforts that still exist are ORSC (which can trace it's roots back to the original "new domains" mailing list 5 years ago ("newdom", see http://www.newdom.com/archive), name.space, TINC (http://tinc-org.com) and Adam Todds irsc/narsc/aursc stuff.

I'm biased because I am heavily involved with ORSC but I urge people to look at all them and make your own decisions. I did and have found the Todd and name.space do "not play well with others". TINC is an exception; they're cool and have a major clue. Where we disasgree witht them is TINC belives "no more than one TLD to a customer" and while we're not sure what that numebr should be, we know it's not one. So, we go our separate ways but work fairly closely.

There are a couple of errors in the orignal post I'd like to correct. First of all the venom directed at NSI is undeserved. NSI operates under a contract with the US departent of Commerce and has it's hands tied so tightly it's a wonder they can do anything at all. I'd like to point out that NSI has done more to help the alternative domain community than any other company to date.

So, I have to say NSI is not the great Satan here - the coopted US Department of Commerce is. Large three-lettered companies have spent almost a billion dolars to make sure no new tlds ever see the light of day and the DoC has it's strings pulled by these clowns - or hadn't you noticed that in almost two years of ICANN existance the only thing they've done is make big lawyers happy by implementing the UDRP that helps trademark owners ans screws the avrage domain owner. (see http://www.news.com/Perspectives/Column/0,176,459, 00.html) and have done nothing except talk about new tlds.

Worse, ICANN does not have the power to create new tlds! All they can do is make suggestions to the USG Department of Commece who actually control the legacy root zone that IANA used to own. You can verify this by reading the GAO's whitewash of ICNANs illegitimate birth where they state outright that "the DoC has no plans to hand control of the root zone over to ICNAN" at www.gao.gov/new.items/og00033r.pdf)

The problem is not one of gnutella or distributed whatsits, the problem is one of education.

New tlds registries exist, and some have existed for 5 years. Alternative root servers exist and can be used by anybody.

Forget Alternic and eDNS; they're dead Jim. They once enjoyed some resonable support but now exist as names only, haveing been sold to other people for the name value (such as it is).

In conclusion, there is really no need to reinvent the wheel. If you want to play in the new domain area and outside the government controlled root zone you can do that now by pointing your nameservers away from the legacy root zone.

There's more than one way to do this, but my favorite is to secondary the ORSC root zone; in this manner you become your own root server and save one level of lookups as your server now knows where all the tld servers are.

What's (very) important to understand here is by doing this you will still be able to use com/net/org but now will also be able to see new domains such as http://lighting.faq and http://free.tibet - it's not an either/or situation.

For more information look at these urls:

• ORSC Root zone: ftp://a.root-servers.orsc/pub/db.root also available via http://dns.vrx.net/tech/rootzone/

• ORSC website: http://www.open-rsc.org

• How to point to new root servers: http://support.open-rsc.org/How_To/

• ORSC mailing lists: http://www.open-rsc.org/lists/

If enough people do this we can take control of the net back from the lawyers and inept government wonks that control it now.

Don't just sit there with your thumb up a penguins butt, DO something!

See www.tinc-org.com

[eludom]

See www.tinc-org.com. They're trying to
set up new root servers that delegate
the existing ones (.com) to the existing
servers.

---Eludom

GNUtella

[Money__]

GNUtella is Distributed with no central control showing conected computers in real time. This peer to peer type of conection is the perfect "pirate DNS". The only problem is that the searches work on a file name level. What would help is a spyder or bot to crawl gnutella and index all the html content. hmm I wonder if gnutellabot.com is taken. ;)
___

Re:GNUtella

[Money__]

You bring up an interesting point about bandwidth and you're right. The searches are to bandwidth intensive (can you imagine running gnutella at 28.8? . .yuck). A bot (on a *very* fat pipe) that crawls ~4000 GNUtella hosts on a timely basis and only indexes the html content could serve up http based searches in a browser and remove a little of the overhead involved in searching on gnutella. Then, once the user finds the content they need they would click link something like this: gnutella://123.412.112.223/gnutellastuff/content.h tml.
This hyperlink selection would start gnutella and could be passed through the gnutella plugin and shown again in the browser (Note: no DNS needed for the domain as we're using the other users IP).

Even after all of this, we still come back to the point you raised about bandwidth. Every peered computer serving up content would have to have a 256k+ connection in order to make such a scheme even remotely useable because they need to handle the existing searches of a growing host list and they need to handle new search bots consuming their bandwidth with "deep scans". Perhaps DSLnet would be a better name for this.

This does have it's advantages, as it would be:

1) Built on existing technologies (Browsers, Gnutella packets, indexing bots).
2) It would give a point and click interface to a distributed file sharing network with no central control.

___

Re:GNUtella

[Caspuh]

I don't think this would work. Looking for "microsoft.com" would probably get you a different machine every time, because there would be no way to keep people from claiming it as thier own. And even if you did manage to come up with a way to register names, it would still be easy to send out incorrect records.

Re:GNUtella

[Cinquero]

Well, Gnutella extremely wastes bandwidth and searches don't reach most of the hosts as far as I have experienced. A host that is connected to another 20 hosts gets several Megabytes of traffic per Minute... and the net is only 2000-4000 hosts large.

The problem is not the network structure or to have huge central servers (which are not _really_ needed), it's the coordination to keep the IDs (Domain Names) unique. That will never work with the current type of Domain Names if done without law and a 'super-force'.

Re:GNUtella

[Lunaryn]

> remotely useable because they need to handle the existing searches
> of a growing host list and they need to handle new search
> bots consuming their bandwidth with "deep scans".

First off, I apologize in advance for posting about GNUtella when I really don't know much at all about it... but I wonder if individuals might at their option run a program or script to index the content and make it available as a single file, which the search bot would specifically retrieve... it seems like that might reduce some overhead. (Esp. if the index file is compressed after being generated)

Re:your sig

[Money__]

Re:"Political food for thought: Nazi Germany was the first powerful nation to ban the private owernship of guns

. .and the first nation to promote bad typing.
___

NOT Flamebait

[donutello]

Don't moderate a post down for the opinions expressed in the post. Even if you disagree with the posters viewpoint, the post was certainly not made for the sole purpose of inviting flames.

Re:Already being done

[erlando]

>Coud someone who really knows their stuff
>explain completely how my copy of Netscape
>goes out and finds a domain?

Here is what happens:
- You type in www.adomainishere.blarg
- Your resolver asks one of the DNS'es you have typed in: "Give me the address of www.adomainishere.blarg"
- The nameserver says "WHAT?!" but keeps it to itself.. ;-) It first checks the zones it's authoritative for. Then the zones it has cached. If it doesn't find an answer, it asks one of the root-servers: "Who is authoritative for .blarg"?
- If the root-server can't find an authoritative server for .blarg an error is returned to your nameserver which forwards this error to your resolver which again forwards it to Netscape. Now Netscape tells you that the host is unknown.

"DNS and BIND" by Albitz and Liu (O'Reilly) has everything you would want to know about DNS. Also RFC's 1034 and 1035 would tell you a lot. Goto http://www.rfc.net for those.

Also "DNS Resources Directory" at http://www.dns.net/dnsrd/ has a lot of information worth looking at if you want to know more.

I hope it's useful. :-)

New TLD's

[nowindowz]

Forget useing the existing TLD's. IF we use our own TLD's like .screwnsi., that would make it backwords compatible with the existing system. If the new DNS does not know of a microsoft.com it would hand it over to the old system. The hard part would to get the existing nameservers to hand the request for whynsisucks.screwnnsi. to the new servers. Now if we had everone change there DNS servers to the new one it work, but that would be hard to get done. The only thing is that we would have to charge for this service to prevent abuse of it.

Are you insane?

[Djinh]

Giving control over such an important part of net infrastructure to any one person? A bastard-treehugging-hippy-communist at that?!

ICANN sucks, but it at least tries to appear to be a democratic organisation, which can only be a step in the right direction.

The whole DNS/domain/.com system is a mess. The best thing would be to scrap .com/net/org, and make them all re-register under .us.

Chances of this happening are as near to zero as makes no odds, so we're stuck with it. Giving the whole thing to RMS and his hippies isn't going to solve anything.

Different ports

[Jade+E.]

If we were to do such a thing, we'd need to design something that would allow normal DNS lookups (i.e., those done by browsers) to work with both new and old addresses. Maybe run the new services on the same port, but change the format of the query... That, or write a DNS server that would recognize which TLD's were which, and used the appropriate root servers. (I don't see it being overly difficult to get a server using a hints file that differentiates 'old' and 'new' root servers...)

Yes there is.

[Punto]

I wrote a site to did that, last year. People would have to download a program that would add "." and ".redir.freenic.com.ar" to the searchlist (a key on the windows registry). So, if they look for yahoo.com they'll find "yahoo.com.", and if they look for "porn.porn" they find "porn.porn.redir.freenic.com.ar".

I drop the proyects for a number of reasons (I'd have to get everyone to download the program, it wouldn't work with some configurations, I had to mantain the program (I'm not a very good C programmer), etc). It might still be up on freenic.com.ar (spanish). It was a good alternative to the other existing sites (I found at least 5 of them) because this works with the normal DNS system, and not all requests go to my DNS servers..

It was free, didn't need any DNS configuration.. I may bring it back up again on the future..

--

Re:Yes there is.

[Punto]

It might still be up on freenic.com.ar

Actually, it's up, but none of the CGI works.. The program is still there to download tho.

--

Something like Sealand comes to mind

[browser_war_pow]

I know it couldn't be done without much expense but something like Sealand would offer a wonderful advantage. Some eccentric rich person could buy a small carribean island, setup shop there and create the ultimate data haven/dns service. He could then petition either the US or some of the European nations to recognize the island-company as a soverign nation... if that fails he/she could always go to Japan.

If that were to happen we would have a DNS/Data Haven that is unrestricted by bullshit like WIPO and thus can give its domain names on a first come, first served basis. Frankly I don't think it is possible otherwise to do DNS without incurring the wrath of the corporations seeking to "protect" their trademarks.

and what do you accomplish?

[acecccp]

Basically, this whole thing would just be to screw over Microsoft or to fix some short term issues with the whole name server system. But in the long run, you'll simply have to face all the problems of the new system all over again. It's kind of like saying the establishment is bad, if we try really hard, we could overthrow the government! But what then?

Way of stopping squatting...

[Sadiq]

I thought of some possible ways of preventing squatting. First, up the price of a domain, having domain hovering around the $10/year mark is stupid, people are just going to buy huge amounts at that price. Secondly, ban the resale of domains. Thirdly, a domain can only be registered if it is payed for at the time of registration, none of the way NSI used to give you a grace period to pay for the domain, which enabled squatters to register and re-register large amounts of domains, for nothing. I think implementing those would make quite a difference when it comes to domain squattings/squatters... Its a sad sad day when a webmaster can't even find a decent domain name for his website..

Re:Already being done

[mikael_j]

They've got .freenet!!!
Woohoo!

Mikael Jacobson

.exe in cz

[aralin]

What I know then there is already such thing. Some guys in .cz decided that they have problems to get their domain names and decided to create new top level domain '.exe' simply by adding a fake root server for this domain to all their DNS servers and tried to promote the domain to others. I am not sure if it still lives or whether it died out already, but I remember that at some point there were at least 500 subdomains registered.

DNS is outdated and should be changed

[Coward+Anonymous]

DNS was formed as a convenience when the net was relatively small and was comprised of the military, government, universities and misc. companies participating in research. It worked because the participants were few enough to not have many domain name conflicts (I'm sure they had a few). They had enough new territory to share among themselves.

Today it is outdated. There are more people vying for domain names while the number of words in the English language has not increased significantly. Adding TLDs will not alleviate the problem.

Of what use is it to add more TLDs? Of what utility is it that a site can call itself slashdot.sex or slashdot.nerd? There is no reason to add more TLDs because they don't add anything, they only shift the problem somewhere else.

As an example, suppose I get up one morning and decide that I want a site called Slashdot. Shucks it's taken under .org so I'll go and register it under .sex. There now I have a web site called slashdot.sex and there are now two sites called slashdot. I've created some confusion for people and gained nothing by being confused with that other wimpy site, slashdot.org. After all, I wanted that domain so I could be unique on the net.

No, the current DNS system is obsolete.

If a new system is to be started it should be based on a different concept. (I'll be damned if I know what it is ;-)
Maybe there is no good way to solve this problem (maybe there too few English words to go around) and we are stuck with the DNS system becuase there is no other 'better' way.

name.space's lawsuit with NSI

[earache]

As someone mentioned earlier, name.space is already attempting to alter the way the whole DNS issue works, who is in control, registering gTLDs, etc.

Below is an interesting lawsuit between them and NSI:

http://namespace.pgmedia.ne t/law/appeal/2ndcir-dec.html

Re:Distribuited? Yes.

[emir]

uuh?
distributed computing doesnt have anything to do with distributed databases

the net is already becoming multi-dimensional

[matthew_gream]

The Internet has started to stratify into another dimension by adding logical networks. This was apparent when the Internet started: because there were communities of applications (i.e. FTP, FSP, gopher, etc), but is going occur even more. There are a) community rings, b) gnutella rings, c) napster rings, d) freed0m networks, e) real name spaces, f) portal spaces.

URL's already provide a discriminator for the different namespaces, e.g. ftp://, http://, gopher://; and what about even freed0m://, or gnutella://, or slashsite://, or realname:// ?

new thinking required

[matthew_gream]

.com, .net, .org and other names of 'places' are a historical legacy from the old world. They do not have as much relevance as the internet becomes less about places, but more about spaces: content! Half the problem is that people are encoding everything and anything into DNS, when they should be using other name spaces (e.g. Realnames), and users should be accessing the net from other name spaces. This will happen as the net continues to mature.

Someone should sit down and think the problem through and come up with proposals. There are already multiple name spaces (e.g. 'RealNames', 'Yahoo') on the net apart from Nic.

The reality is that at the end of the day, you are going to have disputes, and you are going to need some way to resolve those disputes. That is an undeniable fact. Someone else is better placed to answer this one.

If the new system were subject to popular control

[karji]

A manifesto

1. All domain names are owned by the internet users (tm), not NSI, nor the companies that are using them.
2. Large capitalization e-companies like Amazon rent domain names for extaordinary amounts of money, so we the customers, the internet users, get back a lot of the money we deserve without resorting to running get-paid-while-surfing schemes.
3. For the cases when the majority gets disgruntled by monopolistic practices, or when companies don't bow to popular pressure to open up (e.g. ebay or icq), or for the cases when the community can build a better replacement for a site that's holding back the natural development of internet for the sole purpose of making billions, we reserve the right to revoke any domain name with a popular referendum a la USENET.
4. We restrain ourselves from making excessive use of our powers over companies because we want the alternative DNS system to function.
5. People may not rent, sell or delegate any of their decision-making powers, and the new DNS shall remain forever under popular democratic control.

Re:If the new system were subject to popular contr

[karji]

Yes, however, with the size of the web, and the DNS system, Im afraid that Mark Twain's eerie words would come to bear: "If you want to make sure nothing gets done, form a committee. "

That's why we need direct vote without committees. Use digital signatures from verisign a 1-1 correspondence between voters and votes.

Re:The problem ...

[fgodfrey]

Heh - whoops - forgot it was 128 bits - I was thinking 64 bits for some reason. Yeah, 2^128 is a big number :) I think the inefficiency in IPv6 is that addresses are assigned geographically. Can anyone confirm/deny that?

Re:The problem ...

[fgodfrey]

No, it would certainly not. The reason is that IP addresses directly affect the way the internet works - you'd have to make every device (like routers, switches, etc) with an IP stack recogize the new format. The format of all IP packets would have to be changed. This is, as you would imagine, non-trivial and it doesn't solve the namespace problem anyway (it solves a different problem which I'll talk about next) since www.whatever.com would still just point to 1.2.3.4.us or 1.2.3.4.5 or whatever. The way that the IP address is actually stored is not as a string of numbers - it gets converted into a 32 bit integer which in base 16 would work out to the number "1020304" for the above example. Hence, it's not easy to add to it.

This brings up the second problem on the internet - running out of IP numbers. There are 4 billion possible combinations of numbers in 32 bits, but for various reasons, there are a bunch that are invalid and because of the allocation system, which assumed that the internet was small, there is a lot of waste. For instance, MIT has 24 million IP addresses (a "class A" network - Apple also has one). MIT is obviously not using all of them, but nobody else can have them. So, any IP address that starts with "18.x.x.x" belongs to MIT. Carnegie Mellon University (and a bunch of others) has a class B address space with 65,536 addresses (anything in 128.2.x.x) belongs to them. Smaller organizations have "class C" (256 addresses) spaces. There was (originally) nothing in the middle. Then they came up with this thing called CIDR (classless interdomain routing) that allowed for arbitrary numbers of addresses per network (as long as they are of the size of a power of 2). That has saved the internet so far. The end solution is IP version 6 (present version is version 4 - what happened to 5???) which has a few trillion IP's so that should solve the problem nicely :) However, it's taking forever to get implemented because everyone has to change their OS to support it.

Anyway, that is why you can't just add something to the IP address.

this could be done within the existing system

[pchan-]

why a different port?
why different resolvers?
why not use the existing dns system (including the root servers)?

say i set up dns.org (i'm sure that's taken, but let's pretend). on top of that, i build com.dns.org, net.dns.org, sex.dns.org, sucks.dns.org, and so fourth.

now, if you all change your dns search order to look at the .dns.org network first, you can all resolve company.com (really company.com.dns.org).
if you want the real "company.com" just try to resolve company.com. (trailing dot).

and the best part: this is entirely outside nsi's jurisdiction. they have no authority on subdomains, and neither do the courts.

my 2bits,
pchan

sublimate the masses!

The slashdot method

[fluxrad]

the slashdot method
or: How Bob got his post moderated down
&nbsp-By FluXraD

Open Curtain

Bob: Funny Post

Dork: That wasn't funny because, technical technical technical, point out technical innacuracy of humorous post. See, now everyon on slashdot knows that i'm at least smarter than you.

Bob: Well, technical technical technical, see how much funnier that is now that you've reread my post

Dork: Technical technical technial, you see, technical technical.

(Brief pause while the audience realizes that what had started as a humorous post by Bob has now been decimated by the technical idiocy and humorousnessness of Dork. They also begin to ask themselves why Bob would defend his post - they are about to get their answer)

Bob: Post that i think is funny, but really isn't anything more than a poor attempt at recovery.

Dork: Flame

Bob: Flame, technical

Enter moderator: Moderator reads 2/3rds of the thread and decides, based on Dork's joke killing posting methods, that Bob is neither funny nor knows as much as Dork would like to pretend. Moderator, with a look of stoned exhasperation moderates Bob's original comment down as [Flamebait] or [Overrated] - Moderator2 enters quickly to follow suit. In an ironic twist, Dork's original post is moderated (Score 4: Informative). Only 10 years later do we discover that Dork is actually a replicant.

Curtain.




FluX
After 16 years, MTV has finally completed its deevolution into the shiny things network

Just-dot-it!

[v1z]

Considering the popularity of Napster, I'd say it should be easy to get something like this off the ground. Especially now that it's already been brought up on /. I say we do this!

A little "marketing/branding" by everyone involved, a set of dns-servers and a web-page hosted somewhere like Canada, or anywhere but the US or UK (judging from my superficial knowledge of legislation and practice in those countries) ... and we should be all set. In order to avoid basing it on the existing dns-system let someone set up an equation that sums up the ip-address in an easy-to-remember fashion - and lets push that equation around. ;-)

Now read this -- I had to scan my hard-copy because the archive apparently is dead. We really need some kind of free.org/opencontent.org

or:cypherpunks.free
;-)

Wish Granted

[ekmo]

CmdrTaco could finally have his wish granted.
If this is implemented, he will know just what sites to avoid.

DNS requires a top-level centralized authority

[FriendlySolipsist]

Hey, folks... DNS is not like Gnutella. The namespace managed by DNS cannot allow collisions. That means, if I call myself something, then no one else in the world is allowed to call themselves the same thing. If this basic principle is not followed, then people can steal each others' mail and all sorts of similarly nasty things will happen.

A namespace administered by mutual trust cannot work, since it only takes one uncooperative jerk to louse it up. Cooperative arrangements are only possible when a certain limited number of jerks can be tolerated, and social pressure placed upon them to stop being jerks. Where the system itself is vulnerable to collapse with even a single jerk, there is no hope.

Now, mutual trust does have a critical place in DNS. In fact, the DNS root is established by mutual trust and consensus. Since the death of Jon Postel, who once had all of the root servers refreshing for a week from his (B.ROOT-SERVERS.NET) instead of NSI's (A.ROOT-SERVERS.NET) just to make a point to NSI, it has not been clear who, if anyone, is the central authority established by mutual trust and consensus. Claims have been made by NSI (in its registry capacity), ICANN, and several international organizations.

Last week, the US General Accounting Office, which is an arm of the US Congress, released a study which touches on this issue. Their view is that the US Department of Commerce are the authority over the DNS root, and that any actions involving changes, such as creating new generic top-level domains (gTLDs), are subject to their approval.

Some people may not like the idea that a US government agency is the trusted authority over the DNS root, but this is probably better than a lot of alternatives. US government agencies are subject to laws and procedures, and there are significant protections in US statutes against giving commercial advantage to one party at the expense of another, against making decisions in smoke-filled rooms, and so on. Any private organization, whether commerical like NSI or non-commercial like FSF, would have its own agenda and could make up its own procedures as it went along.

Considering that Jon Postel saw himself, by all accounts, as serving in a quasi-governmental capacity as a contractor, first under the Defense Department and then the Commerce Department, this is not a surprising result. Postel's authority was in practice more personal, having evolved over the years as a direct result of his actual performance, but that is not something which can be transferred from one individual to another and provide a stable basis for a transition.

Why????

[ManiaX+Killerian]

Why the hell do we need alternative system? And why does everybody think that *.GTLD-SERVERS.NET are
controled by NSI ? AFAIK, all these machines are put in some good places in the Internet toplogy (read: with many
fast connections) , and help share the database... And, even if you don't agree that NSI!=Internic , RIPE does use GTLD-SERVERS,
or at least,they're mentioned there - someone tried to ask A.Root-servers.net about some 2-letter domain ?
This idea is stupid, at least...Why don't we reinvent the TCP ? Or UDP ?
If someone doesn't like NSI, there are a lot of other registrats ( if that's the problem ), and, let's face it, _we need_ something
like the old Internic and ARIN/APNIC/RIPE .....The anarchy is no good in the Internet, not on this level - such 'pirate DNS' would
help breaking the net into the smaller nets it was before......

Domain Name System

[shren]

The Domain Name System just maps 'word names' to ip addresses. So www.slashdot.org maps to an ip address.

All this is old hat, of course. But perhaps it's time to move beyond this. People sometimes want to look for sites by 'topic'. Like, if I'm an ignorant man looking for pictures of boobs, I'm probably going to type www.boobs.com, www.boobs.org, and www.boobs.net. Sarcastic idiots might try www.boobs.gov. (Bet that page is big - there's a lot of boobs in the government.)

So here's what I suggest we do. We take the gnutella distributed client, rip out most of the innards of file transfer, and make a keyword system to go over top of DNS. Let's call this new system 'Gnudo', for Gnudomain.

This way, you could map your web server to whatever keywords you want. If anyone on the Gnudo domain network searched for the keyword "boobs", any machine that chose to could give back it's domain name or ip address for that keyword search. Nobody has 'control' over a certain word, such as boobs, by reserving boobs.com, boobs.org, and boobs.net.

So I've got a new porn server. I run a Gnudo program, and map my dns name, "www.obscurelynamedpornsite.com" to the following keywords: "boobs", "women", "sex". Now, anyone who queries the Gnudo network for either of these three words will get back my site, "www.obscurelynamedpornsite.com", as well as any other sites that choose to answer to "sex" (oh, a couple hundred, say.)

The neat thing about this is that I can have a site that's only up when I'm online - that a new site or unprofessional site can get into the search engines with the best of them, and hopefully, the best man will win. We're going to see about a hundred thousand interesting things based on the Gnutella 'distributed net' technology - irc without servers, chat without servers, search without servers.

See, the web almost never replaces a protocol. TCP? still here. HTTP? we know it's a backward protocol designed by goofy physicists, but it's still here. Finger? Who uses finger? But it's still here. Instead of saying, "We're going to start a new network, and subvert the DNS system with a fair system.", we should be saying, "Ok. What problems was DNS designed to solve, and how can we solve those problems *better* with available technology?"

But I'm just the idea man, and I'm overwhelmed with code I'm getting paid to write. No time for free projects. So you guys go implement this and give me a mention on the credits page. *grin*

Re:Domain Name System

[shren]

*sighs*

Yes, I know how the gnutella protocol works. I've read the spec, I've read the code.

It's a wonderful example of a distributed system. The searches you preform are spread to the other clients, and then you can go get the file from the other client.

So, do you care to give me a reason that, instead of giving string searches that return a list of files, that you can't deliver a string search that gives a list of domain names? No, you can't, because it's just a matter of interpreting the the payload of the search differently. Shut up. I'd bother to be polite if you bothered to give anything other than 'Anonymous Coward'. Boy, my opinion of anonymous posting on slashdot just dropped.

Yes, my example isn't quite Gnutellaish, because there are two types of programs in my example - full clients that share DNS names for keywords and neutered clients that don't provide links, because, well, thier users arn't pushing out web pages.

The point is that you can use the framework of Gnutella, a distributed system, to distribute many, many things with the most superficial of changes.

Hierarchy in the Namespace

[pjrc]

Most domain names in todays DNS seem to follow a paradigm that is basically

SERVICE dot ORGANIZATION dot COM/ORG/NET/EDU

Now I know that's a bit simplified. I'm sure at least someone will replay about this, missing the point of my posting, which is that the current system doesn't make any significant use of the hierarchy that the domain name system is supposed to have.

For example, just adding one more level, along the lines of trademark types:

SERVICE dot ORGANIZATION dot ORG_TYPE dot TLD

So you'd see names like:

www.united.airline.com
www.national.semiconductor.com
www.macdonalds.restaurant.com

Maybe this will or won't ease the pressures from trademark holders... only lawyers could comment on such matters, but intuitively it seems like it might. If the new level of hierarchy clearly defines the types of businesses where trademark law allows similar marks, then it would seem a no-brainer who ought to get a particular name. I'm sure there'll still be disputes, but at least they could be made easier to resolve.

If someone sets up a new DNS system, I sure hope they seriously consider trying to restructure to use a bit more hierarchy in the namespace. Aside from (maybe) dealing with some of the conflicting trademark battles, it would probably also help reduce the load on the root nameservers.

As a practical matter, a new system should probably "seed" itself with names for all the major web sites currently on the net, for free, and of course use TLDs that are mutually exclusive from the ones used in the existing system. Some sort of scheme would be needed to work alongside the existing DNS system... I'm not sure how that could work. There are millions of links hard "coded" into html, all based on the existing DNS.

nsisucks(.com)

[hidden]

nsi has registered nsisucks.com, and made it not work. 'nuff said

take it for a flip

[mmt]

Now, mind you, I like little endian systems they have worked well up until now but, since we would be rewriting the books, what say we switch to big endian i.e.:

• org.slashdot
• com.geek

That'll really through the suits for a loop. Only problem is that you can't have net, com or org sub-domains.
---

have you seen alternic

[steak]

alternic its been around for a while

Remember this discussion?

[sageowl]

Gee, wasn't there a /. discussion on this issue of alt TLD's a while ago from CmdrTaco? Why yes, there was ... check out this discussion as well. Personally, I would love to see somebody make this work, just for fun ... save me a few names in .god :)

Re:The problem ...

[spectral]

a few trillion?
Last time I checked, it was quite a bit more than a few
2^32 = ~4 billion
2^128 = 3.4 * 10^38
or '34' with 37 zero's after it.

I'm not even sure what the name for that number is :) i know it's more than a few trillion.. heh. I think one time I figured out that there would be several thousand ip addresses for every square inch of earth space.

that's been done, too

[peccary]

It's called RealNames. But there's more to the Net than web browsers.

Already being done

[Seqram]

Try www.name-space.com, an alternate registry with some 500-odd gTLDs already set up. All you have to do is point to their machines as your resolver and you can access the .bicycle, .sex, .shareware, etc. gTLDs. (so if you have that done, they're also www.name.space). Whether that's a good idea or not is something else: they'll let anyone register any gTLD. They're hoping to get enough popular support (people giving out their "new improved" names) that NSI will have to honor their gTLDs; I tend to think that won't happen. But FYI.

I have an Idea.

[Valar]

Here it goes... this should be a simple way to set up pirate DNS. First, have the clients programmed with a list of IPs that correspond to certain top level domains. When a domain is enter with that psotfix, the pDNS server is queried and returns an IP. Then the client references the server by that IP. Basically the same as standard DNS, but it would be distributed as the top levels would be on different computers. Everyone could own a top level domain! I think I'll put a more detailed explaination on my website. Anyone interested may e-mail me, and I will tell them when I have a workable protocal. Thanks.

/.

[ziegast]

Could someone please setup a few root servers that adds "/" as a top-level hostname/domainname and gives me a CNAME to www.slashdot.org? I type "w-w-w-.-s-l-a-s-h-d-o-t-.-o-r-g-." way too often and I don't have good enough speech recognition software to save me the keystrokes. Thanks, EZ

Distributed program to update local hosts file??

[_Chainsaw]

I may be completely off base here.. but all that is really needed is a Gnutella like program to update the local hosts file on a machine right???

I am sure that there are some serious problems with this idea but it seems like an easy way to get a new level of name resolution without giving up or having to duplicate the current DNS system. From my (limited) understanding of how computers resolve names, first they look in the local hosts file for an entry.. if none then they go out and hit the DNS server that is configured in the TCP/IP configs.

A program that periodically hits the 'Alternate Domain Name System' (ADNS) network for updates is all that is really needed. It would download the update file and then copy it to the local hosts file. Filters could be built in to avoid duplication of established .com .gov etc endings to avoid the potential legal battles that hijacked domains would bring. And, if desired, enforce a convention on the names such as the current www.*.*

Obvious problems I can readily think of are: someone has to develope the application ( multiple OS's for sure), file size could quickly become a problem, bandwidth might be a problem the protocol would have to be designed to minimize excess transmissions maybe similar to some routing protocols, there has to be a big enough need/desire for this sort of thing in order for it to really catch on.

Re:The problem ...

[howman]

would it not be easier to just add a fifth number to the IP address? Or perhaps a qualifier to the begining of the IP address string... ie ca.145.47.96.221, or 123.221.64.3.uk ?

Re:Let's channel this energy against NSI instead

[John+Jorsett]

I wonder if it could be a decentralized node list instead of a central directory

It could be, but this would lead to an extra layer or layers (i.e., johnsDNSnode:sammys.god). If enough people wanted to participate, you'd have to organize these nodes in some sort of heirarchy. Pretty soon it would be the DNS equivalent of Amateur Packet Radio, where you have to specify the exact path, node by node, your packet must take to get to the destination. Just thinking about this makes my hair hurt.

Re:Let's channel this energy against NSI instead

[John+Jorsett]

...hmm....NSI hurt you? so they're responsible for all the wrongs in the world, i see..

Well, let's look at the recent record. NSI suddenly unilaterally alters its agreements to declare that the domains registered thru them are actually the property of NSI and are subject to revocation on whatever arbitrary basis they feel like applying. Then they decide that expired domains will not necessarily be put back in the available pool, but could instead be auctioned off to the highest bidder. Nothing in their original charter gave them these powers, they simply decided to create them. And the reason they can get away with it, at least for now, is that they and only they run the root DNS database. Even other registrars have to pay NSI a fee to update the database with domains registered by them. So, yes, NSI is harming me as well as every other party who registers a domain through them. NSI has become increasingly arrogant and it's about time to put a stop to it. I for one have done so by getting my domain out of their hands and placing it with another registrar. This is only a partial solution as long as they can continue to make the rules on the database, however. I'd advocate creating a nonprofit organization separate from NSI to administer it. There might be a problem, though, if what I heard was correct: NSI claims ownership of the database itself and that it can't be taken away from them. If this is true and is upheld, we could be truely screwed.

Let's channel this energy against NSI instead

[John+Jorsett]

You'd still be faced with the same problem that caused the creation of NSI in the first place: who is ultimately in charge of the database? Some entity somewhere has to have the final say in what's in there, otherwise you have chaos. Not to mention trying to persuade overworked network administrators to add your alternative DNS to their name servers, some of whom wouldn't do so simply because they wouldn't like the idea of, for example, a .guns domain.

I think we're stuck with the present system, so our energies ought to be brought to bear against NSI and its increasingly fascist policies. Where's a tobacco lawyer when you need one?

Pirate DNS

[dch111]

I may be wrong , but I see a few problems with this, 1.)Bandwideth, we are at the point of an almost shooting war over existing availibility, 2.) and as stated earlier, what is to stop the new one turning into a clone of the previous? I don't have the solutions , but see a certain inevitibility to the whole scheme. dch111

The problem ...

[Cinquero]

... is that domain names are just too short. One of a few ways (if not the only one) would be to extend domain names to a _real_ (unique) identifier strings, eg. geographically

.....

or by subject. Of course that would require browsers to implement something like Yahoo's regional directory directly into the location bar.

Re:The problem ...

[Cinquero]

If it has been done, where is it? As long as companies can use short Domain Names, they won't use strict geographical ones. And therefore we need lawyers. What's the point you don't understand here?

Re:The problem ...

[Lunaryn]

Yeah... hard to imagine how we will use them all up... but somehow, I figure we will anyway. Somehow, through some sort of inefficiency or multi-ip listening scheme or somesuch... I just don't think we're a society that can have "enough" of any limited resource. :P

Oh, well, as long as I can have my 256 IPs. :P

Re:Slashdot really posted this inaccurate crap.

[j-pimp]

While the proposed implementation is flawed the theory is sound. I once had a similar idea on a smaller scale for my university, just to busy with other stuff to get off my dead ass and do it. Basically the dorm subnet had dns names in such as wh104a for west hall room 104 occupant A. while this was nice an organized and it was easy to figure out a persons ip address, assuming they were using their assigned one, we all had names for out machines like cotangant and turtle. Our idea was to set up a server on one of our machines with these names with the rule that if the name isn't listed here go try the real dns servers. We were considering caching the real ones too. Anyway it can be done, and yes it might cost money if done on the suggested scale, but its feasible.

Re:Slashdot really posted this inaccurate crap.

[j-pimp]

That system could be implemented with a NFS mounted resolv.conf...

Thats not the point. The point is there is a solution to there problem, but there proposed solution is not the one.

Re:excuse me...( flame for the editors of /. )

[nagora]

That's all fine and good, and I'll join tonight, but the basic question people are asking is "who died and made ICANN god?". As far as I can (no pun intended) see the historical problem with DNS and the current problem with ICANN is the US-centric nature of the system.

I would propose closing down .com for further registrations as it is now beyond repair (every company in every country fighting for a name in one namespace was never a good idea even when America was the only county you expected to matter to the 'net). All companies would have to register in the .com/.co/whatever sub-domain of individual countries and could only do so if they held a registered trademark in that country.

.net and .org should stay open but vetting should return, perhaps by ICANN or a UN body.

.gov should be closed down and phased out. At the very least any further registrations should be requied to add at least one country-code subdomain (e.g., .uk.gov .us.gov .cx.gov) to recognise the international reality of the modern Internet. The same goes for .mil (oh, that'll happen!).

Add a .xxx TLD to shut up all those twats that want to censor the web. It's pretty obvious that the sites themselves want this TLD and it would act as a one-point-of-control for parental filtering which actually makes sense.

Add .home for individuals and non-registered companies (in the UK this means non-limited companies) but require at least two levels of sub-domain (e.g. www.tww.farnham.surrey.uk). Registered companies may not apply so no confusion can ever occur or be claimed about trademarks etc. Non-registered companies (high street shops etc) would have a two year change-over period if they did register where they would have both a .co.fr domain and their old .honfleur.normandy.home after which they could only retain the .co.fr one.

Setting up a new system seems like a good idea but the best we can expect, given the size of the net now, is to improve what we have.

.int can be closed down (for further registrations) and I doubt that anyone will miss it.

Don't reject every solution because it's not perfect as there is not going to be a perfect solution. We do need, however, a good solution. Soon.

Newsnet has not inspired me to think that the "anarchy" approach would work. As an anarchist I feel that anarchy really only works with groups of under 200 adults.

I think that's all I have to say about that.

TWW

Don't forget the great uncleaned masses

[sonnerbob]

The Slashdot audience is among the vanguard of the technical community. You all are like the few, elite runners ahead of the mass stretch of humanity after the first 10 minutes into a marathon. What most of you tend to forget is that there is a vast population that has barely or as yet even to cross the starting line. They don't know an http:// from a .net.

I use my Dad as a benchmark. He doesn't care to understand the underpinnings of the protocols or the technical whys and hows...all he wants to know is how to push the buttons and get at the information he seeks. So, he gets familiar enough to understand the tools and the routines. When I caught him going to Yahoo first and typing www.amazon.com, it opened my eyes. I've since learned that very many people use portals and indexed catalogues as namespace locators, even using them as URL entry forms.

The point being: devising clever new URL structures, alternate domain name schemes, different protocols...you're focusing heavily on "McGyvering" the system, and forgetting to consider the basic social engineering that is required to ensure these work (at least among the naive and untrained who will be expected to follow). AOL is a hit for a lot of reasons, none of which are performance or technically oriented: their KEYWORD system being one of them. All I'm saying is as you apply your creative juices to the problem, try to imagine how it will benefit my Dad.

Re:Slashdot really posted this inaccurate crap.

[FooRat]

"You have to have a centralized database that matches the Domain name with the IP address, that the name servers use. If you don't have a cantralized database, the name servers would spend weeks at a time downloading records from thousands of othe servers"

That's crap. I don't think you know what you are talking about. How do you think usenet works? Current DNS's anyway have to download thousands of records. Not having a centralized server makes it harder for the database to be consistent, but it wouldn't be slower. It would just give less predictable results, and would be subject to influence by people with alterior motives (e.g. mapping www.microsoft.com to www.linux.org or something) - but it's possible to do exactly that with the current DNS system anyway, so so what?

Re:Slashdot really posted this inaccurate crap.

[FooRat]

Most of the problems you point out with Usenet are due to the fact that it is incredibly high-volume (over 1GB a day), significantly more so than DNS.

Re:Slashdot really posted this inaccurate crap.

[SubtleNuance]

...That system could be implemented with a NFS mounted resolv.conf...

We already have a Perfect System

[logiceight]

We already have the perfect system. It's impossible to make a system everyone likes. But it is possible to make a system everyone hates equally, hence what we have now.

Decentralization=Good, and Bad

[krystal_blade]

The Decentralization of Domains is a good thing, if you're talking about pulling NSI's charter away. However, if you're talking about creating a whole new DNS charter based on different ports, there are numerous problems you would face.

The first is that many protocols utilizing the DNS lookup function would not work, and would have to be re-configured. While this may seem a small task, remember that (unfortunately) many people rely on so called "point and click" functions of their servers, and have no knowledge base on re-stringing queries.

The second is the functionality behind the current DNS scheme. Domain names are handed out, and related to IP addresses, which works great. Your normal first timer can type in known addresses to get known companies. (.org and .net fall under this too) This easy familiarity makes surfing the internet a breeze, even if some people have to suffer for it.

Another thing is non, or misuse of a new DNS registry system. I don't beleive someone should be allowed to camp on a site that has an easily identifiable corporate name (Wal-Mart, for example) and use it to either coerce the company for money, or for other things, such as placing 600+ ad banners in an effort to get paid. Such misuse demotes the true intent of the internet, which is the free distribution of information. A good example of non-use is the so called "undernet" and "cobranet" that cloned the IRC a few years back. These clones, while functioning perfectly like the IRC, and perhaps even a little better than the IRC, were hardly ever used, and quite a number of them went defunct in a matter of a few months.

An alternate system I support is the "extension" of the current DNS configuration that was rumored to be in the works back around 1998. It involved pushing the extension barrier out a couple steps to include things like .bus (business) .que (web queries or searches) and so on... Rumor has it that someone even came up with the idea of giving each state/local province their extension, (so North Carolina would have the extension of www.*****.ncs.us, and the venezia regional government of italy could have www.*****.vez.it

I firmly support pulling the dollar power away from NSI. I think the distribution of domain registries should incur a one time type in fee only, and that should basically be the cost of the man-hours required to make the changes to the system. Require domains to confirm that said domain is still in use once every month or quarter (and require it to be filled out in a predermined format so it can be parsed out by a PC updater) and that's that.

krystal_blade

Re:Decentralization=Good, and Bad

[jroysdon]

Rumor has it that someone even came up with the idea of giving each state/local province their extension, (so North Carolina would have the extension of www.*****.ncs.us, and the venezia regional government of italy could have www.*****.vez.it

No rumor about it, the .US ccTLD is already set up this way. However, each ccTLD makes its own decision on how to designate subdomains, ie co.uk is the equiavalent of .com in the UK. However, the .US domain is setup under a more complicated locality system which makes it less attractive than .com, etc. Also, it's free. Just for kicks, I registered roysdon.modesto.ca.us/>

My biggest beef is that local government agencies don't use this, but instead are lured to the .COM-inization of the internet. My local city and county got it right using the proper locality .US domains: ci.modesto.ca.us and co.stanislaus.ca.us. However, the local Police use ModestoPD.com (albeit, just for email) and the Sheriffs Office will be getting stansherrif.com or something close. I wouldn't even mind them using .COMs, if they also had the "official/standard" .US locality domains forwarding to the same .COMs (police.ci.modesto.ca.us & sherrif.co.stanislaus.ca.us).

Just my two cents.

on-selling and squatting on domain names

[jesterzog]

If something like this went ahead, could I suggest having a usage licence that defines a maximum price that anyone is allowed to on-sell their domain. (Maybe to be reviewed every so often for chanegs in inflation, etc.)

One of the big motivations for squatting on domain names is the money that people expect to make out of selling a name at the end. Naturally you could always choose not to sell it to someone who wanted it, but wouldn't be able to make hoardes of money from it either.

It wouldn't solve everything but as long as such a licence is tested in court successfully, it would help avoid lots of other legal problems.

===

Hacking a Solution

[mickwd]

Disclaimer: The following is not really thought through - I'm really just thinking out loud.

It might be possible to set up something like this with a few hacks.

For anyone running their own nameserver (named, or whatever) this could be patched to use normal DNS in the majority of cases, and a seperate service in special cases (such as names ending in .alt, as one or two people have suggested).

For people who don't run their own nameservers (e.g. most windows users), perhaps simple ones could be written, with the same functionality. These could also be set up to do caching nameserving, which might help to actually speed up normal internet usage (slightly) - thus giving people an advantage to use them (and lessening the load on their ISP's DNS servers).

Then you could have some sort of centralised, napster-like service serving out second-level domain names (the bit before the .alt). Rather than serve MP3s, the central server(s) would serve the IP addresses of "second-level" servers registered to serve the second-level domain names they had "registered". This could be nested as deeply as you like,

Of course, you would need to come up with some sort of rules to stop name registration getting out of hand, but I'm sure this could be done somehow. Perhaps domains could be limited to one per IP address ? Perhaps domain names could be "aged" and then discarded after a time interval if the server set up to serve them is uncontactable for a period of time ?

I put up a website for this

[guinsu]

A few weeks ago, after submitting the ask slashdot, I put up a web site at www.piratedns.org if anyone is interested in contributing.

Dynamic IP mapping

[Curt+Cox]

I may be the only one in the world, but I am relatively content with the whole DNS system for static IP address allocation. Dynamic IP address allocation is another matter. Services like DynDNS and TZO are a good start, but don't go nearly far enough.

I would love to see a distributed name to IP resolution service, that uses an architecture similar to Gnutella . Of course there is no reason to limit the service to domain name resolution. It can be quite handy to resolve an email address to an IP address, too.

This new piece of Internet infrastructure would be very handy for anyone wanting to do things cheaply. I'm thinking of:

• Web servers
• Remote access (VNC)
• chat
• voice over IP
• multi-player gaming

to improve the idea you might have to...

[jtcampbell]

i think that in such a system you should enforce geographical domains i.e. if you are in the uk you must us the .uk domain. .com should not be for the states...... perhaps .us/.usa. Being decentralised would realise more of the opensource ideas i.e. look at linux, its development is relatively anarchic, yet it is amazing powerful, and i use it every day. The same model could work for a global network.

Good idea

[ejrongo]

You wouldn't be able to use names that are already used. For example, you wouldn't be able to assign .com, .net, .org, .edu, .gov, or .mil names. And you wouldn't be able to assign any names that countries are currently using like .uk, .fr, .de, .ca, etc.

You would need a whole new TLD. Even running on different ports, how would the system know if you wanted to access Microsoft's microsoft.com or the one with the record on servers implementing this idea.

You should post this idea on www.shouldexist.org.

Other than that, it's a good idea and could actually work.

Re:Slashdot really posted this inaccurate crap.

[Luguber123]

Whoever he means if it's Santa or his wife that bothers him about nameservices, I for one think this is a great idea. I perfectly know how the dns protocol a couple of versions of bind and libresolve work. Still I think it would be cool to have an additional system to play with.
I guess if you talked tcp/ip for a novell guy 5 years ago you would get the same response you are giving this guy. The idea he gives on how to distribute this system might not be perfect, but I guess the first Idea for dns was pretty much the same.

organization

[gtx]

you know, i've had this idea for quite some time, and i've seen people trying to do it, the only major problem is the lack of organization. with organization we could pull this off. and, the way to keep corporate greed out of the way is to make all domain names free. so, i say we do it. i believe that slashdot is the best place to go to get a mob of organized people. So, here's my plan. if you want to get this off of the ground, email me at chris@mactaggart.com and we'll figure out a way to bring organization to this. it can be done.

Using LDAP?

[danfarrell]

I've read a couple articles that mentioned the possibility of LDAP replacing DNS someday...

Could this be the kind of project to test the possibility and feasibility of this?

I realize that almost everyone would have to run a caching nameserver on their machine that did the convertions, but it's do-able...

I am gonna start hacking a DNS to LDAP caching daemon...

danfarrell

excuse me...( flame for the editors of /. )

[MOMOCROME]

what the hell is wrong with you people? What is all this crap about NSI? The following is taken from the ICANN website.

The Internet Corporation for Assigned Names and Numbers (ICANN) is the non-profit corporation that was formed to assume responsibility for the IP address space allocation, protocol parameter assignment, domain name system management, and root server system management functions previously performed under U.S. Government contract by IANA and other entities.

As you can clearly see by even this little snippet, ICANN hass been charged with the responsibilities of administration for DNS. Other Entities (mere registrars like NSI) may facilitate the system, but ICANN is where registrars go to get their license, where the vote on new tLD's will be held, where decisions about the future of the internet are being made. You lousy people have problems with the way DNS is run now? join up and frickin vote. There are only a few thousand members, THAT LOW NUMBER OF VOTERS AMPLIFIES YOUR CONTRIBUITION. Thus, real changes can and will be affected by the people with enough sense to join up.

I thought you guys were supposed to be tuned-in and turned on around here... But ICANN gets mentioned in a mere 2 or 3 posts in a discussion about DNS? I guess you are all plain-jane wanabees after all.

As a member of the voting body for ICANN, I am shocked that you guys could be so clueless. I guess my vote will count that much more, if even the editors of /. don't have a clue...

Shame on you, slashdot community!

Re:Not True...READ ON:

[MOMOCROME]

A lot of un-substantiated nay-saying, if you ask me...

Be your own judge here people, take a gander at the calender of events, who's on the board of directors or peruse the fact sheet before jumping to any conclusions.

such things already exist

[justahack]

if you know where to look:-) though in a smaller scale than what you propose-'their operations are too small for the empire to notice' (yeah, that was lame, it popped into my mind so i had to use it). the only way i can see getting around the growingly absurd, over-encompassing copyrights, is to, er...actually, i can't think of any way around them, except avoiding notice or substantially changing the way the world works.

no mere mortal can gauge *my* karma!

Gopher?! Finally!

[Lunaryn]

Glad to find there are still some Gopher servers being maintained. I kinda lost a lot of hope when gopher.tc.umn.edu went down...

Gopher does tend to be a lot more organized, and thus better for the real sharing of information rather than merely presenting things in an aesthetically pleasing manner.

I was going to put a Gopher server up on kuri.weyland-yutani.net and try to maintain links to what Gopher servers were left, but lost my internet connection from a University when I changed schools. :(

A little off-topic, but...

[Lunaryn]

Undernet, the one I'm aware of, was and still is a successful irc network even though they use their own server instead of basic ircd. Also DALnet is another such example, in fact many smaller networks use some version of DALnet's own server. Not only were these successful, but circa 1996 they were both manageably small, while the main network, EFnet, had become the "slums" of IRC due to overpopulation and poor administration. (although DALnet nowadays suffers from both as well)

Truly Off Topic

[The+Grammar+Jew]

Heck, I don't even live in an English-speaking country! In fact, everything I need to know about English I've learned from here.

Money talks.. take it to their competition!

[fatboy_speed]

Umm.. this is nothing against your proposal, but NSI don't own .com. If you don't like what they are doing then use someone else. Domains I register through Melbourne IT have them listed as the registar, not NSI, and therefore are subject to Melbourne IT's policy once they expire. Many USA companies have already made the change, Verio is one example who no longer use NSI but instead Melbourne IT.

WHY EVEN USE DNS-LIKE SYSTEM?

[klahnako]

DNS is used only to map human readable strings to IP addresses. Such a mapping is unnecessary except for personal use; like nicknames in an address book. Sites are found by searching, therefore the search engines should be the ones responsible for mapping keywords to IP addresses. Using search engines removes the issues involved in spoofing, or distributing the name maps. The nature of these problems do not exist in the context of a search engine. If you are looking for McDonalds, then you can get all the sites that mention McDonalds, If you want to find McDonalds, the restaurant, be smart and go to Yahoo!. Looking for an important McDonalds flame site?, then maybe Google is your engine. Using the search paradigm increases the namespace so substantially that collisions never occur.

And Now for Something Completely Different

[brandyn]

In the long run, the idea of a global name space doesn't make sense. Global identifier, yes, but not name. Here is a proposal for an alternate system:

Instead of having a single, context-insensitive name space, allow anyone to create a name space, or many. Bare with me here.. I'll try to illustrate how it would actually work in practice with some examples:

First, I would have my own name space (actually, I would have many; more on that below). This would essentially be a mapping from names as I know them to Poi numbers (Permanent Object Identifiers, a unique numbering space for everything--see below). Generally this would behave like a local cache, fairly transparent to the user. But the key point behind it is: when I use a name, I get what I got last time, period (unless I've gone out of my way to specifically reassign the name to something else). So, for instance, the Slashdot home page would have an associated Poi number (forever!), and in my name space it may simply be called "Slashdot". (Note, in practice I would have a specific name space for web pages, which would be different than my name space for email addresses, and so on, so in theory I could simply enter "Slashdot" in my web browser Goto: line and be there.) If slashdot moves to a new domain, or IP, or even changes its name to something else due to Microsoft inventing a time machine and going back in time to trademark the name, Slashdot would nonetheless keep the same Poi number (forever!) and so I'd still go where I wanted when I typed "Slashdot". Key point: the Poi space is effectively infinite and context independent (truly global) and has *no implicit mapping to reality whatsoever* so there is no risk of losing a Poi number over trademark, geographic, or network topology issues.

Next, say I do a Google search, and click on a link.. What happens? Well, the link just contains a Poi number (and optionally Google's name for it), so I'm brought straight to the web page (I'll discuss mapping Poi to IP's and whatnot below) and if I bookmark it, it's bookmarked by Poi number which means even if the web page is moved to a different host my bookmark still works. Note that by bookmarking it, I am effectively expanding my personal name space. Bookmarks would again be a separate name space from the generic "web page" namespace, though my browser may allow me to assign a name in that space too: E.g., I may have a bookmark called "Slashdot User Profile" which I also call "slashuser" in my "web page" namespace (so I can just type "slashuser" at the Goto: prompt). A simple utility could search all my name spaces to show me aliases of the same Poi in case I forget one.

Now, what if a friend wants to tell me a web page over the phone? In a pinch, he could read me the Poi number (a pain, but doable), but more likely he'd point me at a *common name space* and tell me the name. E.g., he'd say "Go to Yahoo/Companies/Redhat". Here it is assumed that Yahoo is already in my private name space (maybe it came with my browser; maybe I got it from a friend; whatever -- more on this below!), and the "/" is a path separator as in a file system, except that instead of assuming a hierarchy it's just a search through consecutive name spaces (may be arbitrarily complex graph, not a tree): Start with Yahoo (who's Poi I already know), ask Yahoo for Companies (returns a new Poi number -- namespaces themselves have Poi numbers too!), ask Companies for Redhat. Done!

So, in effect, it creates a competitive market for name spaces, which will most likely result in a few dominant players (e.g., Yahoo) at any given time, but affords no inherent monopoly to anyone. Note there is no one root! The "root" of the name space is implicit in the current body of popular name spaces!

Note also that the name spaces are of varying specificity, so for example say there are twenty companies in the country called "ACME Services" -- Yahoo/Companies/ACMEServices may return nothing, may return a list of all twenty, or may return a default one, according to Yahoo's (or the requester's?) choice, while Yahoo/Companies/California/SanDiego/ACMEServices may return just the one you're looking for.

Obviously the line between searching and DNS is being blurred here (see also Erik's post, subject: "This is bound to fail"), but the distinction from pure searching is that there would still be well-known name spaces (though many instead of just one) and the names within those spaces may still be concise and definitive so that, for instance, once I get yahoo/people/brandyn to Poi'nt to my page, I really can tell someone that over the phone and it's not like they have to do a Google search and sift through fifty returns (assuming yahoo was maintaining uniqueness in that particular name space).

Next there's the question of mapping Poi to IPs and whatnot, which could be implemented as a cached, distributed database -- ideally when you Get a Poi (e.g., via a Google link or whatnot), the Poi of the giver (Google) is also remembered with it, so when you look up a Poi, if it isn't already locally cached, you ask (first) the associated giver (Google) for the info. Once you actually get the Poi info, part of the record would be the current preferred giver, which would be the first place you would go later if the cached info proved antiquated. Typically, the preferred giver would be the host actually serving the Poi, which would provide forwarding service (that is, it would tell you who to ask instead) if the Poi were later moved away.

Note that what a Poi maps TO may change with time. For now, for instance, most Poi might map to urls (with hard-coded IP's in place of host names), but they could also map to other protocols/hardware addressing schemes entirely. The good thing about a Poi is it is NOT an IP address, nor a host name, nor an Appletalk node name, nor a filename, nor a phone number... it is just the universal "name" of the object you want to reach. Today it maps to an IP and url (or IP and port number for other services like telnet), but tomorrow who knows.

Lastly, there's the question of the Poi numbering space itself. How do you prevent monopoly concerns here? Obviously we need *some* central control (world-wide!), so I would propose something like this:

Some non-profit org would sell large chunks of Poi space -- let's say they sell chunks for $10 per bit, so I could buy 65K unique Poi from them for $160 (but I wouldn't -- read on). The presumption, then, is that other organizations would buy huge chunks of Poi space, and resell them at a lower cost per bit (but a higher cost per Poi). As an end-user, I ought to be able to get Poi practically free (ISPs could pay trivial fees to provide an endless supply to their users), to use for all sorts of things.... This scheme keeps Poi arbitrarily cheap while still not burdening the top-level Poi service with lots of small requests. Each re-seller would be responsible for verifying a Poi's authenticity, simply by identifying which block it came from and where that block was purchased (thus providing an audit trail straight back to the top level). Note that these services *only* assure uniqueness of the Poi -- they do not store any information about their use!

(I already have this set up on my machine for my personal use. Poi can be any number of bits, so you can't run out, and even if I chewed through them at thousands per second they still wouldn't get very large before the sun went cold.)

-Brandyn (Poi #1000000000000001b;)

"No one ever went broke underestimating the intelligence of the American public" -PT Barnum
"Yeah, what he said!" -Bill Gates

New top level domains

[SuperRoot+Consortium]

The longest running non-ICANN root is the ORSC root, which is mirrored by the SuperRoot Consortium.

This is YOUR internet. You can cast your vote today by how you configure your DNS settings.

Thousands of new domain names in a variety of new top level domains resolve here. The recently reported .GOD domain names resolve, as well as all the old .WEB names. Users of this alternate root include Gordon Cook (Cook Report on the Internet).

For more information, check out:

http://support.open-rsc.org/How_To/
http://www.superroot.org/

NSI Continues to Bill After Domain is Transferred

[SunStarMedia]

NSI Continues to Bill After Domain is Transferred to Another Registrar!

I have had MANY problems with Network Solutions, especially since other registrars have been allowed into the domain market. Network Solutions has taken some extreme measures when a domain name is transferred to another registrar. Even 30-45 days after I have transferred domain names to another registrar, Network Solutions continues to bill and invoice the billing contacts, including the dreaded "Final Notice" invoices. I have had clients whose domains I have switched registrars, and even though the client has already paid for the renewal, the "Final Notice" invoices from NSI scare them into paying NSI after the fact!

This means that NSI is billing former customers for services not rendered. In fact, NSI does not even have control of the domains at that point, yet the still continue to bill. This is a scare-tactic, designed to make customers of ISP's shell out one more year of registration, even though they get nothing from NSI in return!

And, to make matters worse, NSI has refused to refund at least one of my client's "extra" renewal fee.

The way I see it, NSI is probably raking in hundreds of thousands of dollars in extra revenue which they are not entitled to. Is there anyone to oversee NSI and make them change their business practices?

Sincerely,

Jeffry McGee, Webmaster
SunStar Media
http://www.ssmedia.com