Re: BitDNS and Generalizing Bitcoin

After reading through this whole thread, I’ve got a couple of comments that I think would be helpful:

1)  Everyone in the thread seems intent on replacing the entire DNS infrastructure in one fell swoop, which I think is the wrong approach.  The real problem with the DNS system as it exists today is that somebody has to own the root.  At the end of the day, you have to trust ICANN.  What the DomainChain/BitDNS system should strictly focus on is establishing ownership of domain names.  All it needs to track is that the holder of Key A owns domain  Once we’ve established this shared trust, we can support many different DNS infrastructures that can be implemented independently from this project.  Whatever new systems are created use DomainChain/BitDNS to establish which key owns the domain, and only allows that individual to insert records for that domain.  This works out well, since all participants in the system can validate that the record they’ve looked up is valid.  Right now it is easy to get bogged down in all the details of managing DNS records, when all we need to do is establish a trusted, distributed authority that can form the root of DNSSEC, some new p2p DNS, or whatever.

I’m also thinking this could be used to solve the CA problem with HTTPS, since signing your certificate with the same key would prove that I’ve reached the correct server.  But I digress…

2)  Limiting the TLDs should be a requirement.  If this system doesn’t inter-operate with the existing DNS infrastructure by preventing name collisions, it will undermine the trust you are trying to generate.  Even I’m not sure I’m ready to sign up for a distributed DNS system if someone new can pick and cause havoc.  I’d humbly suggest .web as the TLD to use, but anything will work as long as it is short and not currently in use.

Right now the focus should be on getting this up and running in a way that doesn’t conflict with the existing system.  If this system becomes dominant at some point and needs to tackle additional TLDs, that is a “problem” that can be dealt with then.

3)  Personally, I think expiring domain names are the way to go.  Even with relatively expensive renewals today, there is still a ton of junk out there.  I can’t imagine how bad it would be if you owned a domain forever.  It isn’t asking much to say that you have to renew your domain periodically to keep it, especially since this shouldn’t be the ripoff that the existing system is today.

I’d like to close out by saying that this is really exciting stuff.  I’ve read a number of different ideas about how to solve the DNS problem, and this is the first one I’ve seen that could actually solve it (and not just replace ICANN with pick-your-new-benevolent-dictator).

@dtvan: all 3 excellent points.
1) IP records don’t need to be in the chain, just do registrar function not DNS.  And CA problem solved, neat.
2) Pick one TLD, .web +1.
3) Expiration and significant renewal costs, very important.

Quote from: joe on December 11, 2010, 10:53:58
However, thinking more about this now I support inclusion of additional coinbases / tracking systems in the main network. The reason for doing this is so as not to water down CPU power into multiple networks. We want one strong network, so the network should be versatile.

Avoiding CPU power fragmentation is no longer a reason.  Independent networks/chains can share CPU power without sharing much else.  See: and
