We use the Internet for so many things every day, and yet few people realize how old the Internet's plumbing is. Surfing the web, sending and receiving email, and much more actually work by using a thirty-year-old centralized routing system called the Domain Name System (DNS), which many of us would dearly love to decentralize.
For a quick refresher, the DNS basically acts like a giant phone book. If you want to buy rubber chickens online from the Archie McFee store in Seattle, there's no need for you to remember an IP address like 126.96.36.199. You just have to know a domain name like ArchieMcpheeSeattle.com.
Considerable activity is going on behind the scenes, so I figured I'd offer a survey of current events, instead of taking an in-depth look at various topics individually. A couple more topics will surely require a follow-up later.
I'm only offering a few paragraphs about each news item since this is a summary, but I've included some audio files that go into more detail. Apologies in advance for the poor production quality of the recordings, including the sound levels. I simply wanted to provide some additional commentary, beyond the brief text, for those who are interested. Enjoy!
Domain Name Thefts
The Huffington Post carried an article recently about domain name thefts. The main point was that domain thefts happen, and there is often little recourse for the domain registrants. They imply that legal remedies are the way to better deal with this, which misses the point. As long as we rely on registrars to safeguard our domain names, instead of controlling our own, thefts will continue to happen.
I covered this topic earlier, remarking that domain name thefts happen routinely, but we have no data regarding the specifics. Registrars do not disclose domain theft statistics, and ICANN is not likely to compel them to do so.
If anyone would have a handle on this topic, Ron Jackson would. He is the editor and publisher of DN Journal, and an industry veteran who chronicles facts about domain registrations and sales data. I asked Ron about this topic and he summed it up nicely:
As far as I know, no one has a really good handle on just how much of a problem domain theft is. We hear of occasional instances of high-profile thefts that catch everyone's attention; however, I'm sure the vast majority of thefts go unreported.
Of course, in decentralized systems, registrars are not needed. No more having domain names accidentally transferred away, and no more social engineering attacks on registrars in order to steal domain names. Now registrants are empowered to be in charge of their own security—protect that private key!Decentralized Internet Update - Domain Thefts
This week I came across an altcoin called EmerCoin that also implements a blockchain-based DNS. They allow people to register .emc and .coin domains. Now is the preregistration period, where domains will be allocated, for free, to registrants of existing domains in other extensions; i.e., if I own mikeward.net I can reserve mikeward.coin. See preregistration instructions here.
Domain registration is not available in the current wallet. It's coming in the next version. This wallet software also acts as a DNS resolver, since it has a full copy of the blockchain. They also have a web gateway available at emergate.net, which lets users navigate to foo.coin via the current DNS using foo.coin.emergate.net.
A wallet binary for Windows is available from SourceForge, albeit with no checksum. Also be forewarned, if compiling on Linux or OS X, that there are some dependencies that are older than those of your package manager, like Berkeley DB 4.8. Just sayin'.
- PoW/PoS: hybrid
- Issuance: 1,000,000,000 total coins
- Key-value store: allows up to 20K of data per record
- Expiration: variable, register for the amount of time you want
- PoS: 6% reward annually, delegation of stake not allowed
- PoW: SHA-256, block reward starts at 5020 EMC tokens, decreases to zero
Learn more at emercoin.com. I say much more about this in the audio file.Decentralized Internet Update - emercoin
This company makes software that protects privacy and security online. I mentioned them earlier, in this discussion about DNS security in the context of man-in-the-middle (MITM) attacks, because of their DNSChain software.
DNSChain is a blockchain-agnostic DNS resolver for next-generation Domain Name Systems, including Namecoin, BitShares DNS, and others to come. It can be used with a decentralized DNS to eliminate MITM attacks, a festering problem that's been around as long as we can remember.
okTurtles is a product that works with DNSChain to provide secure communication online in previously insecure environments, such as forums, Facebook chat, Gmail, etc. Remember, blockchain-based systems do not need elaborate schemes of relying upon trusted third parties to ensure end-to-end security. All the information needed to communicate securely is in the blockchain itself.
okTurtles announced this week that they are hiring! The team is expanding in order to better pursue development efforts around its flagship products—DNSChain and okTurtles software. Node.js developers are wanted, in particular, but anyone with the time and skills to contribute to the project is encouraged to learn more here: https://blog.okturtles.com
A most noteworthy addition to the okTurtles team is Let's Talk Bitcoin's own podcaster John Light, who will help with fundraising efforts!
Finally, the OpenBazaar team has begun their DNSChain integration effort. OpenBazaar is an open-source, decentralized marketplace, and plans to use Namecoin for identity management. Naturally, DNSChain is an integral part of their plans to resolve names by interrogating a blockchain, instead using of a scheme involving some centralized system.
Disclaimer: I am a member of the okTurtles team and I am definitely biased.
ICANN 51 took place in Los Angeles this past week, where hundreds of participants fell asleep during the proceedings. The main item on the agenda was, of course, the IANA stewardship transition. This refers to the transition of the oversight function away from the US Government.
There does not seem to be much consensus around a plan to create the new organization that would assume oversight responsibility. The multi-stakeholder model currently employed by ICANN is expected to be carried over to whatever new structure emerges. This model had much promise, since it aimed to include every interested party. But as it turned out, the most powerful stakeholders—national governments—got a disproportionate amount of influence, and individual registrants got only token representation.
The most recent evidence of this is the WHOIS recommendations from the working group created by the current president when he took office. This group ignored previous work, and came up with proposals to increase the intrusive nature of WHOIS, the service that provides contact information about domain registrants. It is a matter of great interest to both those who want to see better privacy protection, and those who want to make identifying domain owners easier.
Their recommendations ended up being skewed heavily toward preventing privacy for domain registrants. An additional WHOIS contact record would be added to the existing four for all gTLDs (generic top-level domains), if implemented, and it would require street addresses of individual registrants to be made public for the first time. This was done by introducing legal contact information, with a mandatory street address.
A sole privacy advocate, Stephanie Perrin, was included in the working group, but her dissenting opinion was not allowed to be published. For an excellent overview, read this thoughtful post by Emily Taylor, a former chair of the WHOIS working group.
The working group proposes the most privacy-hostile ideas, summed up nicely by these bullet points from Taylor's blog:
- WHOIS data will be held in a single, centralized database.
- Online privacy will be guaranteed by having gated data, only be accessible to accredited users (those who pay a fee).
- Accredited users will have to state the purpose for which they require access to data.
- WHOIS data will be validated by third party Validators.
- The centralized database will provide historic and reverse searching for all records.
ICANN seems to have no idea how harmful their plans are to the privacy, security, and welfare of the users of our shared Internet. A high-profile ICANN board member, Steve Crocker, even remarked during the conference that, "I see no connection between ICANN and human rights." Try telling that to a political dissident, in a country like Iran, who has the audacity to express critical political opinions online.Decentralized Internet Update - ICANN 51
Note: The changes to WHOIS are only a proposal at this point. That's not clear in parts of the audio!
BitShares DNS, Now KeyID
The BitShares DNS, renamed KeyID, had an important announcement last week that the project would be merged into the main BitShares project. This was announced, along with a consolidation of the voting DAC (distributed autonomous company), in a strategic change that caught many by surprise. Dan Larimer later announced that Invictus Innovations, Inc. would use their ownership stake in DNS (the token associated with the BitShares DNS project) to compensate those who had DNS on exchanges at the time of the announcement. The "merger" announcement caused a 50% decline in the market valuation for DNS. Speculators who had moved their shares onto exchanges often lost most of their investment.
The voting DAC and the main BitShares X were uncovering some competing interests, which will be cleared up by the merger. There was much confusion, as well, over the various investment vectors into the BitShares ecosystem (AGS, PTS, BTSX, DNS, etc.), but the situation will improve by eliminating those choices. Investors will now buy BitShares, period. Consolidation is a sensible precursor to raising more capital, and that may be coming soon.
While I find this development to be a little disappointing to those of us who were eager to see another alternative DNS, it's important to take the long view. The same people and ideas are still in play in the main BitShares project, and they should end up looking a lot like the BitShares DNS was going to. For the latest information about BitShares plans, or announcements about this evolving story, please consult the BitShares forum.