Inside the Rise of the Domain Name System
Greg Huang writes "Looking back, it's almost impossible to believe that for most of the 1990s, a single company, Network Solutions, had a government-issued monopoly on registering domain names on the Internet. And considering how central the company was to the growth of the Web, it's surprising how little of the company's back story — how it got into the domain name business, or who owned it — has been told. Xconomy has an in-depth interview with two former executives from SAIC, the secretive San Diego defense contractor that bought Network Solutions in 1995 for $5 million and sold off the domain registration business in 2000 for billions of dollars."
It's interesting that Network Solutions was the only handler for domain registration back in the 90's, and while there are lots of registrars now, they still work under ICANN. Yeah, the usual argument on Slashdot is that you could always start your own TLD, but nobody is going to support it unless you're high in the chain, aka ICANN.
An interesting aspect was a few months ago when the EU wanted more freedom from ICANN and its association with the US. Currently the internet domain name system is pretty much controlled by one entity, which isn't really the purpose of the internet, and it's also why Network Solutions was taken off the domain registration game as the single player. Monopoly is never good.
Fact is, currently DNS still relies entirely on *one entity*. It goes completely against the distributed structure of the internet.
story from the Military/Industrial/Congressional complex.
There was a definite advantage in terms of ICANN enforcement of registrar responsibilities when there was only one registrar. Now that we have hundreds or thousands of registrars, we have all kinds of nonsense going on in blatant violation of registrar accreditation terms and ICANN can't keep up with the problems. Which apparently led ICANN to their new strategy - nothing. Now we have unscrupulous registrars all over the world selling domains to bogus registration information, making it much more difficult to uncover who is really behind various nefarious acts on the internet (including but by no means limited to spam).
So in the end, the monopoly was indeed broken up, but the consumer lost, and lost big.
Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
for most industries (consumer electronics), it should be an unregulated or lightly regulated free-for-all. this maximizes consumer value
but there are certain industries where a regulated monopoly makes sense (electricity grids) and competition actually decreases consumer value
and then there is a third category: certain industries where a regulated OLIGOPOLY makes sense (cable) and competition beyond a select few actually decreases consumer value, and at the same time dominance by one player decreases consumer value as well
and i would say that domain names fall into the oligopoly category: there should only be a few domain registrars. choice should be maintained, with all the free market benefits that come with that, but not at the cost of a deluge of seedy anonymous players
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
You know, I'm not sure some of you people know how the Naming system works. The difference between the Root Zone and some registrars like Network Solutions (at present) is night and day. If you think a single source of accurate data can be distributed between different companies in different nations, you are high. Really, there are so many things you aren't considering that you should start by considering swallowing your tongue. In the end, there can be only one. It's not that they're just so unhip- it's physical reality.
And I would comment further, but I shouldn't because I actually know what I'm talking about.
>>"Looking back, it's almost impossible to believe that for most of the 1990s, a single company, Network Solutions, had a government-issued monopoly on registering domain names on the Internet." ---Yes, it's amazing that when a brand-new industry formed, there was initially a single dominant company performing a service. We all know that never happens. Usually, an entire slew of stable companies pops up out of thin air and immediately begins filling those service needs.
Perhaps a more personal story is the life of Jon Postel, one of the creators of the DNS and the first top level domain administrator. There is a good story about how he held this position almost until his untimely death and the infamous DNS root incident that occurred shortly after he died. I had also heard that Jon held the domains a.com thru z.com. If he had lived into this century, he could have retired on the money that he could have sold them for.
BTW, I believe that most OSes still can have a hosts.txt file. I wonder if it is still possible to spoof a client by creating a bogus file.
I think the real point here is not how ICANN should be shared, but that Network Solutions / VeriSign has had a monopoly on [.com] domain names since day 1, still has it ($5/name), and despite having a "governance body" (ICANN) to oversee their monopoly, will probably have it nearly forever.
It's a beautiful, sharing relationship: ICANN continues to give VeriSign the exclusive right to charge registrars whatever they feel like, and in turn, VeriSign gives ICANN bucketloads (i.e., $25MM/year, with $1MM of that going to the new president) of cash. What money they don't make from VeriSign they make by coming up with scams for creating new TLD's like .aero and .pro, for which they pocket tens to hundreds of thousands of dollars in initial and per-name fees (until the world realizes, yet again, that the game is over, and .com won).
DNS became self aware at 2:14 am EDT August 29, 1997.
Be afraid, very afraid.
That said, it's time for distributed secure name resolution. Those name servers are just too easily messed with. There are many approaches, mostly used in P2P, from Kad to Freenet.
thegodmovie.com - watch it
Slightly off-topic, but just a reminder: have you patched the BIND security hole yet? If you're running BIND 9 and your server is the master for any domains (including localhost), and you haven't patched this week, one malicious packet can crash your server.
If you have a master nameserver on a private network or behind a firewall, and your public-facing nameservers are all slaves with no master zones at all, you're safe. If your infrastructure is set up like that, except you use rsync over ssh to send updated zone files to your "slaves" but they're actually configured as masters, you're vulnerable. Contrary to what you may have heard, it does not matter whether you use dynamic updates (e.g. from dhcpd) or not.
This firewall rule blocks all dynamic update requests, including the exploit, on recent versions of Linux (but didn't work on any of my DNS servers, because they're all running older distros):
iptables -A INPUT -p udp --dport 53 -j DROP -m u32 --u32 '30>>27&0xF=5'
Of course if you're running djbdns or something else, you can continue to be gleefully smug.
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
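What the u32 expression in the firewall rule above actually tests, as an added Python example that is not part of the original comment: `30>>27&0xF=5` reads four bytes at offset 30 from the start of the IPv4 header and compares the DNS opcode field with 5 (UPDATE, RFC 2136). The packet builder, ports and addresses are constructed samples, and the header-length-aware check goes one step beyond the comment to show that the fixed offset assumes a 20-byte IP header.

```python
import struct

DNS_OPCODE_QUERY = 0
DNS_OPCODE_UPDATE = 5  # RFC 2136 dynamic update

def build_ipv4_udp_dns(opcode, ip_options=b""):
    """Constructed sample: IPv4 + UDP + bare 12-byte DNS header, no payload."""
    if len(ip_options) % 4:
        raise ValueError("IP options must be padded to 32-bit words")
    ihl = 5 + len(ip_options) // 4
    # DNS flags word: QR(1) Opcode(4) AA TC RD RA Z(3) RCODE(4)
    dns = struct.pack("!HHHHHH", 0x1234, (opcode & 0xF) << 11, 0, 0, 0, 0)
    udp = struct.pack("!HHHH", 40000, 53, 8 + len(dns), 0)
    total = ihl * 4 + len(udp) + len(dns)
    ip = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, total, 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 53]))
    return ip + ip_options + udp + dns

def u32_fixed_offset_match(packet):
    """Emulates --u32 '30>>27&0xF=5' on a packet starting at the IP header."""
    if len(packet) < 34:          # u32 needs all four bytes to exist
        return False
    (word,) = struct.unpack_from("!I", packet, 30)
    # >>27 keeps QR + opcode (top 5 bits of byte 30); &0xF drops QR
    return ((word >> 27) & 0xF) == DNS_OPCODE_UPDATE

def ihl_aware_match(packet):
    """Same test, but locating the DNS flags from the real IP header length."""
    ihl_bytes = (packet[0] & 0x0F) * 4
    flags_off = ihl_bytes + 8 + 2  # skip UDP header (8) and DNS ID (2)
    if len(packet) < flags_off + 2:
        return False
    (flags,) = struct.unpack_from("!H", packet, flags_off)
    return ((flags >> 11) & 0xF) == DNS_OPCODE_UPDATE

def classify(packet):
    return {"fixed_offset": u32_fixed_offset_match(packet),
            "ihl_aware": ihl_aware_match(packet)}

if __name__ == "__main__":
    samples = {
        "query": build_ipv4_udp_dns(DNS_OPCODE_QUERY),
        "update": build_ipv4_udp_dns(DNS_OPCODE_UPDATE),
        # four NOP option bytes push the DNS header 4 bytes further in
        "update+ipopts": build_ipv4_udp_dns(DNS_OPCODE_UPDATE, b"\x01" * 4),
    }
    for name, pkt in samples.items():
        print(name, classify(pkt))
```

The rule as posted also matches only UDP, so DNS carried over TCP port 53 is outside what it inspects.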
Part 2 of the story, published today, has the actual interview.
Get rid of all the top level domains except for the country ones. No more .com, .net, .edu, .org, and all the stupid new ones recently concocted.
Instead, you just have the country level domains, and allow each country to control their domains the way they see fit. In most countries a domain name would be handled like any other trademark issue.
In the U.S., you'd eliminate domain name squatting since you must show some sort of actual activity to retain a trademark. Buying "Sporf.com" and sitting on it in hopes that a company called "Sporf" will have to buy the domain from you will no longer be a good business model.
Will greedy capitalist evil corporations steal your domain? All you have to do is show that you've actively used the domain (and not just merely have a parking page), and that you've registered your trademark with the correct authorities (something that could be done by the domain registrar where you bought your domain).
In the U.S., domains can be done on a local basis (memphis.tn.us), on a state basis (state.tn.us), or on a national basis (com.us). This way, two local shops called "The Flowerpot" -- one in chicago and one in memphis -- could have the same domain: flowerpot.memphis.tn.us and flowerpot.chicago.il.us. National companies like Apple and Microsoft could get their domains registered as apple.com.us and microsoft.com.us.
The .com domain could become a virtual domain. You type in a company name with a .com suffix, and your browser will search your local area, then the state, and then nationally for a company with that domain prefix. Thus if I live in Memphis and type in "Flowerpot.com", I get flowerpot.memphis.tn.us. If I lived in Chicago, I get flowerpot.chicago.il.us.
This would allow us to get rid of TLD sprawl (.name, .info, .biz, .mobi, etc.) that isn't benefiting anyone but GoDaddy. It would eliminate all the sniping that the U.S. controls domains because they'll only control the .us domain. And, it would greatly simplify the whole domain registration process.
Before there were domain names you had to upload a new /etc/hosts periodically. These became unwieldy when the internet increased to more than ten thousand sites.
The biggest mistake was a naive belief that TLDs would be respected, with their silly .com, .org, etc. It created a royal mess of duplicate domain names with irrelevant TLDs as the only difference. Now companies have to buy up .com, .org, .net, etc to protect their domain name, otherwise someone will use other TLDs to sucker in unsuspecting victims into scams.
Getting rid of TLDs would be painful, but it needs to be done to restore a semblance of sanity. We can then have truly unique domain names and avoid not only confusion but scams and speculation (how many .tv domains do you think are legitimately Tuvalu domains?).
End anonymous moderation and posting on
What kind of unit is $MM/yr?
This page says it is a million. But wouldn't you just say $M/yr? No one would specify that a million is a mille times a mille in the unit notation, would they?
Wait, it could also be a Milliard times a Milliard. Yeah, that must be it. Hokay, so that would be ten to the 18 dollars a year. Glad I could clear that up.
I come here for the love
SAIC is "secretive"? Uh, ok, sure they do some military work, and a couple floors of their office building have security checkpoints you have to pass through since they work on various classified stuff, but they're hardly secretive. They do a lot of different stuff, and a number of my friends worked there over the years. Hell, when I was working on VR arcade games back in the day, they invited my dad and I over to their complex in La Jolla to try out a new VR racing game they'd developed.
Looking back on that, it's really hard for my brain to associate the word secretive to them. But who knows - maybe Umbrella Corp would develop video games, too.
http://www.nodaddy.com/ Good old Bob uses deceptive practices.
Karl Denninger (who now makes his living from his Florida retirement home, trying to break the story on how Goldman Sachs used network taps to frontrun all trades on Wall Street, and runs his Market Ticker blog) and Kashpureff tried to break these guys and establish alt roots in 97. Anyone remember that eDNS fiasco? It didn't last long, nobody followed their pied-piper song.
These guys made a fortune, grabbing Net Solutions when it was obviously mismanaged, and used their background as junior grade Ross Perots to establish the world DNS order.
I found a pretty good PPT on the history of all this, including how Jon Postel worked for ICANN as one of his last works before he passed, RIP.
Here you go:
www.byte.org/ispbe2002/building-a-better-dns-r2.ppt
That gives the back story on what a soap opera DNS has been as well as this article. No small wonder that Verisign is the company that bought them. Verisign saw Tron in the early 1980s, looked at ENCOM, and said "yeah, we want to be JUST LIKE THAT."
Really, it's impossible to believe? Fed. Reserve is owned by a single family. ISBN system is owned by a single family. There are many "regulatory" institutions that are completely owned by a family or organization. Net Sol is just following suit.
I've been on the Internet a long time, so I remember sri-nic.arpa, nic.ddn.mil, rs.internic.net, and even downloading the Internet host address file, with about 8000+ IPs in it. The early organization was very clear about preserving the namespace of domain names for future generations, with base policies (I believe these are all correct, but it might just be 3 out of 4) of:
* The domain name must relate to the purpose of your organization.
* .net is reserved for network infrastructure, .org for only non-profits, .com for commercial (.mil and .edu are still fairly pristine), etc.
* You must establish two nameservers, that must not be on the same subnet, and must already be providing DNS for the requested domain.
* Each requester gets a single domain, the idea being that the requester's entire organization would then be fully served.
Although they weren't really thinking about the upcoming explosion in web use, their thinking certainly allowed for an explosion in *sub* domain names. So instead of lots of ridiculous domains like www.iatemygrandmamovie.com, we might have later seen something like iatemygrandma.movie.com, with some group running a movie.com site, and an easy way to find a bunch of them, instead of the crapshoot we have now.
So where did the corruption set in? Once the idea of charging for a domain name popped up, some bright boy got a gleam in his eye when a company - I think it might have been Procter and Gamble - violated registration policy by requesting scores of domain names based on ailments (and possibly some body parts). There was a similar polydomain request by some other group around the same time. Both generated a flurry of controversy. And our illustrious registrar suddenly demonstrated its modern, capitalist colors, dumping the past, conservative policies and making its new mission one of simply selling off every possible domain name, in every possible TLD, as fast as possible.
Effectively, they sold out on future generations' needs in an exercise of total, corrupt greed. The registrar flipped on every policy, encouraging multiple registration of domains, flagrantly pushing registration in every possible TLD, dropping the domain server requirement, dropping the relevancy concept, and now even pushing for more TLDs, in order to sell even more completely unnecessary extra domains.
The idea of allowing some company to register thousands of obviously unrelated domains for cybersquatting would have been anathema in the pre-profit days, but Network Solutions just doesn't care. And that ridiculous article completely misses *all* of this.