On 01/09/2011 02:00 PM, John R. Levine wrote:
...I expect that we'll be moving toward a whitelisted DNS, in which the resolvers that people use only return answers for domains that are vetted by some third party. (If you think I'm kidding, look at some of the recent proposals from the Internet Software Consortium that maintains BIND, the most widely used DNS software.)
I not only anticipate that happening, but I am implementing code to help make it happen. It has always seemed to me that we ought not to fight against the desire of people to shape their view of the internet landscape to what they want it to be. Yes, that's censorship, but it is self-imposed (and hopefully voluntarily) censorship. But it is also expansive - those people who want a broader internet horizon, or a different horizon, ought not to be constrained. I'm working on reviving the "grass roots" idea that was around during the late 1990's. In that idea a user goes to a website that presents a catalog of top level domain choices, including TLD names that may be contested. The user picks a list of TLDs that he wants to compose his view of the internet landscape. The result is a set of BIND configuration files that the user can use to establish his very own personal root (which he can also make available to friends) that contains those TLDs. It also has the nice side effect of bypassing the entire chaos and fee-grabbing that surrounds ICANN's new TLDs and puts the choice where it belongs - into the hands of internet users. (Thus if there is a TLD name that is contested, it will be internet users who chose which, if either, lives or dies. And the specter of users shunning conflicted TLDs will drive the contestants to settle their dispute else both would be likely to fail.) I'm doing the code in my not-very-large amount of spare time, right now I'm working on the code to accumulate TLD offerings into an a catalog (portable in JSON format, XML will come later) of non-authoritative data. The next step will be to create the pick-and-chose mechanism and from that generate a root zone file and other BIND config files. (The hardest part I suspect will be getting the glue records contextually right.) When I get this done - which due to time constraints will certainly be no earlier than several months from now, probably later - I'll be publishing the Python code under a non-viral open source license. --karl--