[HN Gopher] The GNU Name System
___________________________________________________________________
The GNU Name System
Author : simonpure
Score : 45 points
Date : 2022-01-31 21:37 UTC (1 hours ago)
(HTM) web link (lsd.gnunet.org)
(TXT) w3m dump (lsd.gnunet.org)
| creeble wrote:
| See also (2016) https://news.ycombinator.com/item?id=11641626
| Edit: added date
| dang wrote:
| Thanks! Macroexpanded:
|
| _The GNU Name System IETF Draft_ -
| https://news.ycombinator.com/item?id=23766947 - July 2020 (32
| comments)
|
| _GNU name system_ -
| https://news.ycombinator.com/item?id=11641626 - May 2016 (58
| comments)
| huslage wrote:
| Replacing one centralized protocol with another (x.509) is not
| particularly useful.
| [deleted]
| jll29 wrote:
| ...best used with GTML over GTTP! ;)
|
| But joking aside, it's good to have a censor-resistant resolution
| protocol. This is a more radical idea than the EU's recent
| proposal to have parallel name servers that obey Europe's GDPR
| rules.
|
| Still, a lot of power is given to those that control the cables
| and satellites, and of course the electricity that powers the
| Internet's hardware. The commercialisation of the Internet has
| led to more centralization since the 2000s.
|
| A true state of freedom and safety from repression, censorship
| and dictatorships can perhaps be only achieved with more ad-hoc
| mesh networks.
| depingus wrote:
| > A true state of freedom and safety from repression,
| censorship and dictatorships can perhaps be only achieved with
| more ad-hoc mesh networks.
|
| I've recently started playing with mesh networks. Yggdrasil is
| excellent. They haven't solved naming, they're focused on mesh
| routing with e2e encryption. There's a public network. It's
| very experimental. But it works and its just so cool!
|
| Also worth mentioning is Nebula (made by the Slack devs).
| Nebula is great for building private mesh networks.
|
| Its a very exciting space right now! I'm hopeful; an open
| internet is possible.
| AlternateData wrote:
| Gonna name my future kids in accordance to the GNU name system!
| guerrilla wrote:
| So what does an example name look like?
| nerdponx wrote:
| > A name in GNS is a domain name as defined in [RFC8499] as an
| ordered list of labels. The labels in a name are separated
| using the character "." (dot). Names, like labels, are encoded
| in UTF-8.
| southerntofu wrote:
| TLDR: It's a regular domain name. It looks like a domain name.
| There is no specific extension for GNS.
|
| GNS is intended to replace DNS (in a backwards-compatible way)
| at the ICANN level so if it was ever adopted facebook.com would
| resolve (by following public key PKEY records, not IP/DNS NS
| records) using GNS.
|
| In addition, a neat feature of GNS is the hyper-hyper local
| root. So if you add your friend alice's PKEY in your local root
| as "alice", then you could resolve whatever in her zone as
| whatever.alice. But can this not be achieved with DNS already,
| you may wonder? Two differences:
|
| 1) resolution is by public key, so you don't need to keep a
| mapping of all your friends' nameserver IPs
|
| 2) it's intended as a recursive mechanism where you can
| advertise your favorite domains on your own zone, so for
| example if i publish The Pirate Bay's public key in my zone in
| a tpb record, hypothetical tpb.tofu.net will still resolve
| properly
|
| All in all, GNS is so far the only credible alternative to DNS
| i've read about, if only because both the protocol and the
| zonefile syntax are backwards-compatible with DNS.
| throwawayboise wrote:
| So what are some reasons that it won't gain popularity? Are
| the prevailing registries/registrars opposed to it? Would
| there be any authority that could mediate disputes over who
| "owns" a name? Does it address the problem of name-
| squatting/hijacking?
| encryptluks2 wrote:
| I really like the idea of a pinning service for domains that uses
| provider lists, where you can subscribe to ICANN and root name
| servers but then override or add your own domains and TLDs.
| 0xbadcafebee wrote:
| Is that different than just running your own nameserver and
| root? Or could you do what you describe with dnsmasq?
| southerntofu wrote:
| When reading about GNS for the first time, that was really the
| killer feature for me. How many times have i failed to resolve
| domains that were either censored, seized or simply forgotten
| to renew?! With GNS, as long as the public key lives in my zone
| i'd be very confident i can resolve thepiratebay.org or
| wikileaks.org no matter what some government has to say about
| it.
| KennyBlanken wrote:
| The three hundred or so people who use this will love it.
| ratsmack wrote:
| Everything has to start somewhere.
| southerntofu wrote:
| I didn't downvote, but let me give context for the downvotes:
| GNS is not a special-use TLD (like .onion/.i2p is) and it
| should not be something you have to setup as a user, either
| because your distro will set it up for you, or because your ISP
| will use it on their infra transparently to you (GNS is
| backwards-compatible with DNS protocol). It's that kind of
| project that either everybody will use, or nobody will.
|
| It's a serious research project (with usability studies and
| all) intending to replace the DNS in its entirety, solving
| whole classes of problems related to enumeration, amplification
| attacks, query privacy... If you don't trust me you should
| probably check out the ICANN presentation video about GNS, it's
| really short and instructive. Not that ICANN is advocating for
| GNS, but ICANN regularly holds "future identifiers" sessions
| during which projects can present their R&D.
___________________________________________________________________
(page generated 2022-01-31 23:00 UTC)