Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Would You Redesign the TLD Hierarchy?

Posted by timothy on from the sell-to-high-bidders-model-taken dept.

First time accepted submitter at.drinian writes "Last week, we heard about the many applications for new top-level domains that have been put forth by various businesses and organizations. ICANN, of course, has come under heavy criticism for its process. If you didn't have the accumulated baggage of 30 years of DNS, how would you redesign things? .public and .private TLDs only? No TLD control? Country-level domains?"

5 of 265 comments (clear)

  1. They're pointless anyway by jandrese · · Score: 5, Insightful

    I would drop the whole TLD concept in a heartbeat. It just adds one more thing to remember that means very little anymore, and opens people up to confusion (wait, Whitehouse.com is a porn site!?!).

    Seriously, what does it accomplish? The categories are so broad that they're nearly useless as an organizing tool, especially since many companies buy up the "lesser" TLDs for their domain just to prevent confusion. People don't organize domain names in a hierarchy like they did with Usenet groups, so appending a category label to each seems rather silly.

    Country code TLDs are a symptom, not a feature. They come about because local governments want to exert their own control over some aspect of the internet, but really the whole point of the internet is to transcend borders and unite people in a single global network, even if that is a threat to entrenched interests.

    --

    I read the internet for the articles.
  2. Reverse the order. by pushing-robot · · Score: 5, Insightful

    My OCD says it should be http://org.slashdot.ask/story...

    Or is that not what you meant?

    --
    How can I believe you when you tell me what I don't want to hear?
  3. Same way Twitter did by michaelmalak · · Score: 5, Interesting

    Some say appending ".com" denotes that it's a web address. Well, Twitter solved similar problems with just one character rather than four: @ for people, # for tags. If we could rewrite history and didn't need to distinguish between government and non-government sites (due to the Internet having grown out of the government), domain names should have adopted a similar magical special character.

  4. From an implementor's point of view... by Anonymous Coward · · Score: 5, Interesting

    I've done a lot of DNS server work at the code/protocol level, and a lot of serious thinking about the DNS over the years. My take is basically this:

    1) The traditional generic TLDs (com/net/org) make a certain amount of sense, especially in the modern world for multi-national interests. Arguably we should be more strict about policies for net (network operators and infrastructure, not random companies) and org (actual non-profit organizations).

    2) The ccTLDs also make a ton of sense, keep those.

    3) The DNS is meant to be hierarchical. Not just in terms of server lookup hierarchy, but in the sense of informational hierarchy for humans to understand. It's like Area Codes and Country Codes, it has to make sense. .pizza and .pepsi completely break the hierarchy, they're horrible sins committed in the name of the DNS cabal making a quick buck. A lot of people should be tossed in jail for this stupid idea.

    4) The protocol and RFCs need serious re-work. I won't repeat all the analysis others have done over the years, except perhaps to point you at DJB's cr.yp.to DNS rants, most of which are valid. CNAMEs, the way PTR was handled, the ridiculously stupid compression scheme - all examples of shoddy design, at least in hindsight. All of the early RFCs and implementors also made the huge mistake of muddling up what should be very separate concepts: First there's the 3-way mixup of: DNS the conceptual distributed database, DNS the protocol, and DNS file formats that are private to server implementations. Then there's also the grand mixup of server roles: local non-recursive cache, recursive cache for a network of private clients, public recursive caches and forwarders, and finally true authoritative servers. It was the fact that BIND was the de-facto implementation and routinely mixed all of these roles by default that lead to the mess, and lead to tons of security problems over the years.

    5) Security. DNSSEC, which sadly has a lot of traction now, is a complete joke. A proposal more akin to DJB's DNSCurve would be *much* better. The problem with DNSCurve was that it required really ugly NS-record hostnames in order to seamlessly integrate with the existing broken DNS design as smoothly as possible. A proposal combining DNSCurve's actual security mechanisms with simple KEY records would suffice, but needs backing form the DNS Cabal in the IETF, which are already deeply monetarily entrenched in selling DNSSEC to enterprises and governments.

    It's really not hard at all to design a replacement for DNS that's better in every way. I've done it at least 20 times lying in bed dreaming, and a few times in practice with real code just for fun. The problem is that the current system is entrenched and nobody's willing to take on the job of getting everyone switched over to a new system, if it's even possible. You'd need to support both protocols in everything for a period of a decade or two, and nobody wants to because the current system just barely continues to function and offers some really clunky, faulty security in the latest update.

  5. Re:I wouldn't by garbut · · Score: 5, Insightful

    I'd say .edu, .gov and .mil need to be moved under .us to be fair or else every country would have to have the same battery of tld's.

    --
    Oh, should I have sugar-coated that?