It'd be pretty cool though.

Imagine the P2P "server" component that handles registrations and
lookups installed as a Linux module. This would make it available
to everyone running a Linux server so there'd be lots of
infrastructure that could support it. These guys all cooperate to
form a structured P2P overlay. Eventually Microsoft would have to
support it or be left behind.

Then a P2P DNS "client" component that installs onto Windows, OSX and
Linux which adds the new P2P root domain into the existing DNS lookup
functions.

There are tons of technical and social challenges, especially around
security. But once it's adopted that would spell the end of the
hierarchical server-based DNS.

Bill

On Mon, Dec 6, 2010 at 12:51 AM, David Barrett <dbarr...@quinthar.com> wrote:
> Agreed on it not going anywhere anytime soon.  I think they haven't been
> clear on what problem they're trying to solve.  If it's to prevent
> government seizures of the domain, I'd suggest that be built into the
> existing DNS infrastructure in a backwards-compatible fashion.  Ideally
> this would be part of DNSSEC (though I don't think it is) as something like:
>
> 1) When the domain is registered (and renewed), record the new owner's
> public key in a big TXT record.
>
> 2) When the domain's DNS record is changed in any way, sign it with that
> public key.  (This means only the owner can actually update the DNS record.)
>
> 3) On the client (or recursive DNS server) side, cache a domain's public
> key (if available) until its registration expires.  (The "TTL" for the
> key is independent from the TTL of the record itself.)
>
> 4) When renewing the record, refuse any unsigned change, or change whose
> signature fails.
>
> 5) (This is the big one) If a domain is signed, when the domain record's
> TTL expires, don't flush the cache -- just attempt to renew.  If you
> can't renew, keep the old values.  (This one is costly as it means you
> essentially never flush signed domain values from your cache.)
>
> The goal is to ensure that even if the ICANN, Verisign, your registrar,
> and the USG all conspire against you, your domain still continues to
> function to a large degree.
>
>
> Furthermore, even if you were to do some P2P DNS approach (which I think
> should just be called DDNS), it should again be a fallback to regular
> DNS.  Basically, in the above scenario, only search the P2P network if
> it turns out that the registrar has an invalid record.  In
> 99.99999999999% of cases, normal DNS will be correct, faster, easier,
> more reliable, more efficient, etc.  DDNS should be used 0.00000000001%
> of the time.  But its existence will prevent anybody from trying to
> seize domains in the first place, so it's OK if it's only used in very
> extreme scenarios.
>
> -david
>
>
>
> On 11/30/2010 06:30 PM, Tony Arcieri wrote:
>> Surprised someone else hasn't linked this yet:
>>
>> http://torrentfreak.com/bittorrent-based-dns-to-counter-us-domain-seizures-101130/
>>
>> So some folks think a BitTorrent-powered .p2p domain is a good idea as
>> an alternative to ICANN. Some have even suggested the system should be
>> distributed:
>>
>> http://dot-p2p.org/index.php?title=Distributed_decision_example
>>
>> Somehow I don't really see this going anywhere any time soon.
>>
>> --
>> Tony Arcieri
>> Medioh! A Kudelski Brand
>>
>>
>>
>> _______________________________________________
>> p2p-hackers mailing list
>> p2p-hackers@lists.zooko.com
>> http://lists.zooko.com/mailman/listinfo/p2p-hackers



-- 
Bill McCormick
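
A minimal sketch of the resolver-side behaviour in steps 3 to 5 of the quoted proposal, added here as an illustration and not code from anyone in the thread. The class and function names are hypothetical, records are plain name/value pairs rather than real DNS messages, and toy textbook RSA stands in for a real signature scheme: the owner signs with the private key and the cache verifies against the pinned public key.

```python
import hashlib

# Toy textbook RSA stands in for a real signature scheme: NOT secure, constructed key.
E = 65537
N = (2**127 - 1) * (2**89 - 1)
D = pow(E, -1, (2**127 - 2) * (2**89 - 2))  # owner's private exponent

def _digest(name, value, n):
    h = hashlib.sha256(f"{name}\x00{value}".encode()).digest()
    return int.from_bytes(h, "big") % n

def sign(name, value, d=D, n=N):
    return pow(_digest(name, value, n), d, n)

def verify(name, value, sig, pub):
    e, n = pub
    return sig is not None and pow(sig, e, n) == _digest(name, value, n)

class PinningCache:
    def __init__(self):
        self.pins = {}     # name -> (public key, registration expiry)
        self.records = {}  # name -> (value, TTL expiry)

    def _pinned_key(self, name, now):
        pub, expiry = self.pins.get(name, (None, 0))
        return pub if now < expiry else None

    def pin(self, name, pub, reg_expiry, now):
        # Step 3: hold the first key seen until the registration expires.
        if self._pinned_key(name, now) is None:
            self.pins[name] = (pub, reg_expiry)

    def offer(self, name, value, ttl, sig, now):
        # Step 4: a pinned name only accepts changes its key verifies.
        pub = self._pinned_key(name, now)
        if pub and not verify(name, value, sig, pub):
            return False
        self.records[name] = (value, now + ttl)
        return True

    def resolve(self, name, now, upstream):
        # Step 5: renew on TTL expiry; pinned names keep the old value on failure.
        rec = self.records.get(name)
        if rec is None or now >= rec[1]:
            answer = upstream(name)  # (value, ttl, sig) or None
            ok = answer is not None and self.offer(name, *answer, now)
            if not ok and self._pinned_key(name, now) is None:
                self.records.pop(name, None)  # unpinned: normal flush
            rec = self.records.get(name)
        return rec[0] if rec else None
```

The cost named in step 5 is visible in `resolve`: a pinned name's record is never evicted while its registration is live, so cache size grows with the number of signed domains seen.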