Interesting People mailing list archives
IP: Proposal for a DNS market infrastructure
From: Dave Farber <farber () central cis upenn edu>
Date: Tue, 19 Sep 1995 09:51:23 -0400
To: farber () central cis upenn edu (David Farber) Cc: interesting-people () eff org (interesting-people mailing list) and many others Date: Tue, 19 Sep 1995 05:01:36 -0700 From: John Gilmore <gnu () toad com> The only real problem with the DNS fee imposition is the lack of a market. I propose that ISOC grant, to anyone who will run a publicly accessible top-level domain server meeting particular criteria, the right to merge domain entries into a shared top-level database. And to charge their users whatever the traffic will bear for the domain entries that they insert. And that ISOC urge its members and all Internet users to switch to using these root DNS servers. I believe that the technical problems of such a change are easily handled. And the resulting market system, in both technical and nontechnical aspects, is much more robust and cost-effective than a monopoly provider. Coordinating updates to the .com domain should be relatively straightforward. Each company's public server would serve the entire .com domain. They would also operate a private registration database which would hold the subset of the domain that they are sponsoring. Periodically, the private registration information is made accessible to all the other root servers, these databases are merged, and the result becomes the new entire .com domain which each company serves. If a root DNS update occurs every three days, each of the ten companies can avoid 99.8% of name conflicts by simply checking potential new registrations against their own root DNS server. Only if the same name gets registered by two different folks into two different DNS companies in the same three-day period, will there be a problem -- and it's detected at the next three-day merge. Then a simple first-one-gets-it algorithm, based on exactly when each DNS company issued the name, will resolve the conflict. It just has to be clear that a domain registration isn't over until the fat lady merges, so the later registrants won't be misled into thinking that getting into their vendor's private database gives them any right to the name. (This will encourage people to register names with particularly speedy and responsive DNS vendors! I also guess that once the market gets to work on DNS service, the three-day lag can also be shrunk to a day or less.) The DNS companies would each make their own company's data accessible to each other (and the public) via FTP, in a documented format. Each root DNS server can then do an independent merge of the databases, using copylefted free software available to all vendors (and the public). Different DNS companies could then checksum their merged databases against each other, and give themselves an hour or two to manually resolve any discrepancies, before posting them simultaneously as the new three-day root domains. Short-term failures would be handled by having the merge process simply use yesterday's database from a DNS company if it is impossible to fetch today's. This design would result in no dependence on a single physical or organizational point of failure. If the ISOC would adopt such a scheme, I would personally finance the building of the free software required for the merging. Further maintenance of the software would be done, or paid for, by its users (the DNS vendors). Though the software itself is a potential point of failure, it is available for public scrutiny, and can be maintained independently by many different parties if they desire to do so. Legal liability for any DNS action would logically reside with the entity that originally provided the DNS record. Of course there's no guarantee that a judge would agree, but by making the rules sufficiently simple and unbiased we can make it more likely, reducing the risks to ISOC and to all other DNS companies. Companies can judge the risk themselves, and adjust their fees to match (initially, and after some case law develops). It shouldn't take 30% of revenues to feed the lawyers! ISOC could define and periodically update the criteria for being a root domain server (responsiveness, uptime, bandwidth, etc), and sign a short contract with each such server. The rules would be enforced in practice by peer pressure from the other root domain servers; the contract would require that every other root server delete a failing vendor's NS records for poor performance, e.g. if Microsoft's DNS service refused to merge in domain registrations from Novell's DNS service, or if EFF's DNS server dropped too many queries for an extended period. If the whole lot of DNS companies colludes to change the rules, and the users don't like the result, we the users would have to rise up again (like we're doing now) and take matters into our own hands again. Viva la revolucion! Technically it's not a hard problem to provide a plurality of domain name issuers. The problem is that the current monopoly provider is trying to consolidate their monopoly before we get around to it. Shall we do it anyway? John Gilmore PS: Even if Network Solutions won't go along with this, and won't provide updates of their database, they will have to continue answering DNS queries, until their contract with NSF runs out. We can always have our new 'root-servers' forward queries for any unknown names to Network Solutions, for the two or three years that they still exist. As they cut off existing domain name users for non-payment and drop them from their server, those users will have to pay a non-monopoly price to a non-monopoly vendor in order to be in the new "real" root DNS system. Of course, if NS will provide their database in a mergeable form, then the other vendors can merge it into the new root servers and avoid forwarding DNS queries, even if NS won't take changes *back*. PPS: The ultimate power here is in the hands of the individual sysadmins who determine what root server(s) their DNS server trusts. However, intermediate power is owned by the operators of the existing root DNS servers, who are already trusted by many DNS users. I note that NS has renamed these servers with anonymous names (I.ROOT-SERVERS.NET) rather than their original names, which identified the organizations who provide them (NIC.NORDU.NET). If any of these server operators were to endorse and then implement a market scheme, such as this one, a significant part of the net would automatically come with them.
Current thread:
- IP: Proposal for a DNS market infrastructure Dave Farber (Sep 19)