How is that even remotely related to creating a new domain name service?
Does the author really believe in good faith that the centralization of platforms would somehow be reduced or disappear entirely by introducing a new domain name service?
This will literally not change anything. It's not because Facebook started owning facebook.com that they magically became a dominant platform.
Keeping things decentralized is always going to be an active effort. Fundamentally decentralized vs centralized is also robustness vs efficiency. Anybody with a short returns horizon that hasn't been burned yet prefers efficiency.
The latest basket in which everyone is putting all their eggs is federated login using one of a few giant tech companies (mostly Google) as OIDC providers.
Should I bother saying "I told you so" when these providers start arbitrarily blocking access to peoples' apps for stupid reasons (e.g. policy enforcement bots), abusing login privileges to harvest user data off other platforms (after silently amending their EULAs to give themselves permission to do this), or charging for the right to log into your stuff?
My money is on the last one happening in the next few years. "After January 1st of next year, the use of your Google|Apple|Facebook account to log into third party services will require a subscription..." Why wouldn't they want to collect a tax on every SSO login?
While I doubt major providers are actually abusing login credentials to access third party services (yet?) I'm sure they are gathering all the data they can on who logs into what, from where, and how often. It's a privacy nightmare, but nobody cares about privacy. Nobody will care until they are inconvenienced.
I never took such arguments seriously myself until my bank refused service to me without giving me any reason for it. Treating honest customers like criminals is exactly how people start distrusting centralized systems and their untrustworthy authority. In the dns/icann sphere there are also countless factors[0] that are evidence of this, not even talking about the dns hacks[1] or clear cut corruption of icann or censorship attempts.[2]
So it's not only about robustness vs efficiency, but also about additional factors like ownership and freedom + security et cetera.
[0] https://www.politico.com/news/2022/04/09/website-domain-more...
[1] https://threatpost.com/unprecedented-dns-hijacking-attacks-l...
[2] https://arstechnica.com/tech-policy/2022/03/ukraine-wants-ru...
(Just kidding, I totally agree with your point)
My nickname comes from a throwaway account that I created when I was 8 years old. By an unfortunate series of events it sticked in :)
It is also worth noting that the coins behind this project have been mined since February 2020. https://e.hnsfans.com/blocks?page=6517
Particularly for any use case where it is important that any user in all circumstances has access to data, it is really important to avoid centralizing forces present in Bitcoin and Ethereum - they were designed to secure blocks, not to secure open access, as plainly evident by their consensus mechanisms which do nothing explicit to reward the routing of data into the network.
This results in sub-optimal outcomes for data routing, but optimal outcomes for producing hash power or collecting large staking pools. If you are seriously interested in a platform which incentivizes and is based around open access and leverages that to gain better security guarantees (time-stamping, public key cryptography, exchange of value) at scale than Bitcoin or Ethereum, read about Saito and its economic foundations.
Notice: GNUnet is still undergoing major development. It is largely not yet ready for usage beyond developers.
At the very least it should be accessible via a browser. For Handshake that is accessible with the Beacon Browser. [1] Ethereum Name Service (ENS) domains are accessible via Brave Browser, and Beacon Browser [1]. That gives the impression to general users that it actually works.
https://www.gnunet.org/en/install.html
> It is largely not yet ready for usage beyond developers.
Still in development, not ready for average joe.
Frankly, considering how critical the name server infrastructure is, I think it's been remarkably reliable and well run. The .org controversy was a big deal, but for the thirty years I've been online those types of problems stand out because they are so rare.
i.e. "are you my bank?" It's a question I want answered specifically, in a cryptographically secure fashion by my local government well-known authority, and then my bank.
"Are you the local resistance leaders?" is a question I want answered by a chain of signed pseudonyms with set of revocations being published frequently through anonymous channels.
In both cases, details like "how are TLDs assigned?" should ultimately be in my control, with a convention to establish "normal" practice.
One of those use cases shouldn't be wasting my money running GPU miners, and one of them can't.
It's very interesting to see Namecheap, Gateway.io, Encirca, etc use it and its very surprising to see some ICANN TLDs being claimed on Handshake.
I'm not very convinced about the upside-downside ratio of this implementation though
But it has the merit of being a blockchain use that isn't complete non-sense.
If you are seeking decentralized naming and certificate authorities you can look at Ethereum and ENS. Besides the eventual transition to Proof-of-Stake, building an application on top of an existing consensus mechanism means that your application will inherit the security of that blockchain.
My guess would be it was in the $3-8k range.
CAA records provide some extra defence (https://en.m.wikipedia.org/wiki/DNS_Certification_Authority_...).
It’s not perfect, but it’s getting better.
For example, say you're Facebook, you've got an arrangement with DigiCert where on top of the Ten Blessed Methods of the Baseline Requirements, DigiCert promises to go exclusively through a six man "Certificate management" team at Facebook for all .facebook.com and .fb.com names. Even if Marketing really wants coca-cola-advert.facebook.com they can't get a certificate without an OK from that six man team. Well, (and something similar really happened years ago) the deal you cut with DigiCert doesn't magically apply to every other CA. The Baseline Requirements do, but not your custom deal, so other CAs don't need to know about your rules and may issue coca-cola-advert.facebook.com certificates to the marketing guys who've set up the coca-cola-advert.facebook.com web site just obeying the Ten Blessed Methods.
CAA records are in the Baseline Requirements, and so Facebook can write a CAA which says "Only DigiCert may issue". And if you look with your preferred DNS querying tool, that is exactly what they did. CAA for facebook.com is 0 issue "digicert.com"
If you posit that there are crooks at some other CA issuing bogus certificates, CAA doesn't stop that. The crooks can ignore such a rule, the same way a crook can ignore the "Employees only" sign on a door. But, we can see what the public CAs are doing, so, if any of them are crooked we can notice that and kick them out. For the most part humans, including those running a CA, can be lazy and incompetent but they aren't malevolent.
There is simply no way to secure a domain name without having asserted it cryptographically from the people who actually control the domain: the registrar. Only the registrar knows who owns the domain, and what that owner will allow to happen with the domain. A CSR must go through the registrar, and the registrar must pass the request to the human who owns the domain for validation. (This can be automated by the owner for automatic cert renewal.) This puts the power in the hands of the people who really control the domain, rather than a bunch of wonky insecure kludges to kinda-sorta-validate who might control a DNS record or some temporary IP space or an email address or some other nonsense.
It's friggin' 2022. If we land on Mars before we figure out how to control domain names securely, we are truly an incompetent industry.
Dappy has a .d scoping at the top to avoid collisions, POS blockchain behind it, a co-resolution system (IP addresses and root certificates are always co-resolved), and it allows multi-ownership of names.
Worth checking out https://dappy.tech/
Uh, no thanks. If you insist on using a blockchain at least don't make it proof-of-work. It's 2022, and there are plenty of production-ready non-PoW chains out there already. Please stop killing the planet.
Wrt to non-PoW system, so far governance for those chains looks closer to a federation (where a few agents control the majority of the network) than to a really decentralised network. In that sense, a proof-of-stake DNS network wouldn't be that different from the current implementation. If such network ever takes off, I wouldn't be surprised if major ISPs, Cloudfare, Google, and a few other players end up owning the majority of the tokens.
[1] Adam Back's 1997 Hashcash, designed to fight email spam and DDOS attacks was based on PoW.
Yeah. Like Solana, Polygon, Helium, Celo, etc? Which they went down. Why would something that operates like a CA, DNS or TLDs be suitable on those 'production-ready' chains? PoW makes sense for this use case.
> Please stop killing the planet.
I agree. I'd rather have something useful burning the planet and is an improvement than something that is burning the planet for the benefit of more surveillance, censorship and spyware (Deep Learning, Machine Learning systems on user data) or something that is not useful at all to the current system. (Bitcoin)
So perhaps we also should look at stopping running broken machine learning / deep learning models continuously on many data centers for 10+ years which that is also incinerating the planet.
Funny how you forgot to mention Cosmos [0] which is one of the most prominent PoS blockchain, in production since march 2019, and never went down ...
I do know Solana has had downtime and Celo not even being a cryptocurrency but something centralized, but when did Polygon have any downtime? I have some automation happening over the Polygon network and never encountered any downtime, when did this happen?
That's Whataboutism https://en.wikipedia.org/wiki/Whataboutism
If you'd rather want to use something with PoS, then Ethereum Name Service (https://ens.domains/) is probably your best bet as Ethereum is moving to PoS shortly and is a widely used chain.
> The full node daemon, hsd, is written in Javascript and is a fork of bcoin.
Personally, not the future I’m looking for.
1. The search bar on their homepage returns no handbrake results
2. To get to those results in the first place you have to click on a 'Handbrake' tab (leaving the 'Domains' tab)
3. The search results link to an info page that clearly states "It's also important to note that handshake domains do not resolve in regular browsers without additional setup."
For the record, I think Handbrake is a doomed project and a bad investment for Namecheap, but I don't think that means we can just accuse Namecheap of "forcing it down the throats of people".
Tip: find a phishing domain -- either SMS or via some search -- and check the WHOIS. It's always the same registrar. Then try to report it and see how it goes.
Wonderful. Using a guilt by association to discredit a project due to someone else's involvement rather than critiquing the technology and its goals.
Facebook have been involved with allowing the spread of misinformation, hate crimes, etc and have built systems that use Rust to aid this and are also a platinum member (Amongst other surveillance big tech companies like Microsoft, Google, Amazon, etc) involved with funding the Rust Foundation.
Given that deep association, does that mean you should stop learning and using Rust?
https://www.crunchbase.com/organization/handshake-2
Meanwhile, the claims on this website:
> Email became Gmail, usenet became reddit, blog replies became facebook and Medium, pingbacks became twitter, squid became Cloudflare, even gnutella became The Pirate Bay
While not even accurate, these centralized services became popular and synonymous with their underlyings due to convenience and benefits (eg gmail offering massive storage when it first rolled out; FB deploying its newsfeed which other social media platforms didn’t have at the time; etc)
> True decentralization, no official singular Foundation, Committee, Corporation, or entities in permanent unitary control of the protocol.
And what happens when something inevitably goes wrong without any kind of oversight? Who can course-correct if it has succumbed to say a 51% attack
> Economic incentives enable decentralized agreements to form via a transparent name auction process.
And so beholden to the same hyperfinancialization principles we see now—bid higher to get your blocks mined quicker. Not to mention the 700% spike in fees we saw not long ago.
Add in proof of work and you’ve now got potentially very long waiting times as well, further incentivizing the pay for speed mentality
Email/Usenet were fossilised the day they were born pretty much, we're still living with stupid fixed width lines of text in 2022, people just gave up on replying correctly, and no one could fix usenet spam.
Web apps have instant new version deployment, but are centralised, automatically updating docker containers are probably a half decent solution to a federated network.
The most popular website creation system is Wordpress though, that's mostly open and decentralised