OCTO-34 Challenges with Alternative Name Systems
This came to my attention vide the NCAP Discussion Group and is a worthwhile read for those with concerns over name collisions in competing name spaces (please note that these sort of name collisions is out-of-scope for the NCAP Studies) and I would add to Jim's excerpt extracted from the document ...... https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf "*A key reason to obtain a brandable domain is that it is easy to remember, pronounce, and spell. We also make assumptions. For example, you might assume that any potential customer anywhere in the world could use the domain name you select to connect with you easily, either by clicking on a link or typing the name into a browser, regardless of which platform the customer is using.* *This assumptions holds true when you get a regular DNS domain name. Once the proper DNS records and web servers for that domain name are set up, any user on the Internet can reach you. This is one of the most important advantages of the DNS: domain names can be resolved by anyone, anywhere on the planet, from any platform. Meanwhile, alternative naming systems have existed for a long while, but have remained marginal. More recently, various blockchains have introduced their own naming systems. Those are often promoted as real alternatives to the DNS.* *If you are using a name that is part of such an alternative naming solution, the above assumption no longer holds true. Resolving domain names in an alternative naming system requires a specialized bridge from the DNS world in order for the alternate names to work. What does this mean to the average Internet user? Unless Internet users install specific software or configure certain settings on all of their devices, they will not be able to use these non-DNS names. In this circumstance, an Internet user clicking on a link with an alternate name will see a failure with an error message that the domain cannot be found.....*" Justine ---------- Forwarded message --------- From: James Galvin Date: Fri, 29 Apr 2022 at 05:06 Subject: [NCAP-Discuss] OCTO-34 Challenges with Alternative Name Systems To: NCAP Discussion Group This document was recently published by OCTO: https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf Although our focus is name collisions within the DNS infrastructure, we have stated that we would be remiss if we did not acknowledge that there are alternate namespaces and their impact on us. I believe the aforementioned document by OCTO is informative to this concern. I have excerpted the Executive Summary here for your consideration and encourage all to review the document. *"The Domain Name System (DNS) is a component of the system of unique identifiers ICANN helps to coordinate. It is the main naming system on the Internet. It is not the only one. Some predate it, and some others have been recently proposed in the wake of the blockchain approach of decentralized systems.* * Proposing a new naming system is one thing. Making sure everybody on the Internet can use it is another. Alternative naming systems face a huge deployment challenge. A number of solutions exist to bridge the DNS to those parallel worlds, but they all come with their own set of drawbacks.* * Furthermore, the lack of name space coordination, either between those alternative naming systems and the DNS, or simply among those alternative naming systems, will result in unworkable name collisions that could lead to completely separate ecosystems, one for each alternative naming system, further fragmenting the Internet. This is the exact opposite of the vision “one world, one Internet.”* Thanks, Jim _______________________________________________
Thanks Justine. It is true that presently users need to install additional software to access these alternative names. However, we need to be mindful of a recent trend where new, crypto-savvy browsers support alternative roots out-of-the-box, without the need to install additional software. For instance, the Brave Browser comes with Tor built in. If this trend consolidates in future, it will tend to blur the difference between DNS and alternative roots, which, in my opinion, may possibly undermine end-user trust in the DNS. With kind regards satish On Fri, Apr 29, 2022 at 6:13 AM Justine Chew via CPWG <cpwg@icann.org> wrote:
This came to my attention vide the NCAP Discussion Group and is a worthwhile read for those with concerns over name collisions in competing name spaces (please note that these sort of name collisions is out-of-scope for the NCAP Studies) and I would add to Jim's excerpt extracted from the document ......
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
"*A key reason to obtain a brandable domain is that it is easy to remember, pronounce, and spell. We also make assumptions. For example, you might assume that any potential customer anywhere in the world could use the domain name you select to connect with you easily, either by clicking on a link or typing the name into a browser, regardless of which platform the customer is using.*
*This assumptions holds true when you get a regular DNS domain name. Once the proper DNS records and web servers for that domain name are set up, any user on the Internet can reach you. This is one of the most important advantages of the DNS: domain names can be resolved by anyone, anywhere on the planet, from any platform. Meanwhile, alternative naming systems have existed for a long while, but have remained marginal. More recently, various blockchains have introduced their own naming systems. Those are often promoted as real alternatives to the DNS.*
*If you are using a name that is part of such an alternative naming solution, the above assumption no longer holds true. Resolving domain names in an alternative naming system requires a specialized bridge from the DNS world in order for the alternate names to work. What does this mean to the average Internet user? Unless Internet users install specific software or configure certain settings on all of their devices, they will not be able to use these non-DNS names. In this circumstance, an Internet user clicking on a link with an alternate name will see a failure with an error message that the domain cannot be found.....*"
Justine
---------- Forwarded message --------- From: James Galvin Date: Fri, 29 Apr 2022 at 05:06 Subject: [NCAP-Discuss] OCTO-34 Challenges with Alternative Name Systems To: NCAP Discussion Group
This document was recently published by OCTO:
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
Although our focus is name collisions within the DNS infrastructure, we have stated that we would be remiss if we did not acknowledge that there are alternate namespaces and their impact on us.
I believe the aforementioned document by OCTO is informative to this concern. I have excerpted the Executive Summary here for your consideration and encourage all to review the document.
*"The Domain Name System (DNS) is a component of the system of unique identifiers ICANN helps to coordinate. It is the main naming system on the Internet. It is not the only one. Some predate it, and some others have been recently proposed in the wake of the blockchain approach of decentralized systems.*
* Proposing a new naming system is one thing. Making sure everybody on the Internet can use it is another. Alternative naming systems face a huge deployment challenge. A number of solutions exist to bridge the DNS to those parallel worlds, but they all come with their own set of drawbacks.*
* Furthermore, the lack of name space coordination, either between those alternative naming systems and the DNS, or simply among those alternative naming systems, will result in unworkable name collisions that could lead to completely separate ecosystems, one for each alternative naming system, further fragmenting the Internet. This is the exact opposite of the vision “one world, one Internet.”*
Thanks,
Jim _______________________________________________
_______________________________________________ CPWG mailing list CPWG@icann.org https://mm.icann.org/mailman/listinfo/cpwg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
This came to my attention vide the NCAP Discussion Group and is a worthwhile read for those with concerns over name collisions in competing name spaces (please note that these sort of name collisions is out-of-scope for the NCAP Studies) and I would add to Jim's excerpt extracted from the document ......
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
"*A key reason to obtain a brandable domain is that it is easy to remember, pronounce, and spell. We also make assumptions. For example, you might assume that any potential customer anywhere in the world could use the domain name you select to connect with you easily, either by clicking on a link or typing the name into a browser, regardless of which platform the customer is using.*
*This assumptions holds true when you get a regular DNS domain name. _Once the proper DNS records and web servers for that domain name are set up, any user on the Internet can reach you. This is one of the most important advantages of the DNS: domain names can be resolved by anyone, anywhere on the planet, from any platform_. Meanwhile, _alternative naming systems have existed for a long while, but have remained marginal_. More recently, various blockchains have introduced their own naming systems. Those are often promoted as real alternatives to the DNS.*
While there needs to be a "bridge", several browsers like Opera and Brave support alternative name systems by default. The moment Firefox, Chrome, and Edge start the support, well I guess we going to have a different discussion. Best, Theo On Fri, Apr 29, 2022, at 12:42 AM, Justine Chew via CPWG wrote: * *
*If you are using a name that is part of such an alternative naming solution, the above assumption no longer holds true. _Resolving domain names in an alternative naming system requires a specialized bridge from the DNS world in order for the alternate names to work. What does this mean to the average Internet user? *Unless Internet users install specific software or configure certain settings on all of their devices, they will not be able to use these non-DNS names.* In this circumstance, an Internet user clicking on a link with an alternate name will see a failure with an error message that the domain cannot be found_.....*"
Justine **
---------- Forwarded message --------- From: *James Galvin* Date: Fri, 29 Apr 2022 at 05:06 Subject: [NCAP-Discuss] OCTO-34 Challenges with Alternative Name Systems To: NCAP Discussion Group
This document was recently published by OCTO:
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
Although our focus is name collisions within the DNS infrastructure, we have stated that we would be remiss if we did not acknowledge that there are alternate namespaces and their impact on us.
I believe the aforementioned document by OCTO is informative to this concern. I have excerpted the Executive Summary here for your consideration and encourage all to review the document.
*"The Domain Name System (DNS) is a component of the system of unique identifiers ICANN helps to coordinate. It is the main naming system on the Internet. It is not the only one. Some predate it, and some others have been recently proposed in the wake of the blockchain approach of decentralized systems.*
** *Proposing a new naming system is one thing. Making sure everybody on the Internet can use it is another. Alternative naming systems face a huge deployment challenge. A number of solutions exist to bridge the DNS to those parallel worlds, but they all come with their own set of drawbacks.* ** *Furthermore, the lack of name space coordination, either between those alternative naming systems and the DNS, or simply among those alternative naming systems, will result in unworkable name collisions that could lead to completely separate ecosystems, one for each alternative naming system, further fragmenting the Internet. This is the exact opposite of the vision “one world, one Internet.”*
Thanks,
Jim _______________________________________________ _______________________________________________ CPWG mailing list CPWG@icann.org https://mm.icann.org/mailman/listinfo/cpwg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Yes, section 3.2.2 of the document did identify certain browsers as having been compiled to access certain alternative name systems by default: Opera - ENS domains, Brave - Unstoppable Domains, and even Beacon - Handshake domains. I guess OCTO takes the position that these are "marginal". But, yes, once the more commonly used browsers - Firefox, Chrome and Edge - start supporting alternative name systems by default, I guess OCTO will have a very different perspective. Best, Justine On Fri, 29 Apr 2022 at 15:34, Theo Geurts via CPWG <cpwg@icann.org> wrote:
While there needs to be a "bridge", several browsers like Opera and Brave support alternative name systems by default.
The moment Firefox, Chrome, and Edge start the support, well I guess we going to have a different discussion.
Best, Theo
On Fri, Apr 29, 2022, at 12:42 AM, Justine Chew via CPWG wrote:
This came to my attention vide the NCAP Discussion Group and is a worthwhile read for those with concerns over name collisions in competing name spaces (please note that these sort of name collisions is out-of-scope for the NCAP Studies) and I would add to Jim's excerpt extracted from the document ......
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
"*A key reason to obtain a brandable domain is that it is easy to remember, pronounce, and spell. We also make assumptions. For example, you might assume that any potential customer anywhere in the world could use the domain name you select to connect with you easily, either by clicking on a link or typing the name into a browser, regardless of which platform the customer is using.*
*This assumptions holds true when you get a regular DNS domain name. Once the proper DNS records and web servers for that domain name are set up, any user on the Internet can reach you. This is one of the most important advantages of the DNS: domain names can be resolved by anyone, anywhere on the planet, from any platform. Meanwhile, alternative naming systems have existed for a long while, but have remained marginal. More recently, various blockchains have introduced their own naming systems. Those are often promoted as real alternatives to the DNS.*
*If you are using a name that is part of such an alternative naming solution, the above assumption no longer holds true. Resolving domain names in an alternative naming system requires a specialized bridge from the DNS world in order for the alternate names to work. What does this mean to the average Internet user? Unless Internet users install specific software or configure certain settings on all of their devices, they will not be able to use these non-DNS names. In this circumstance, an Internet user clicking on a link with an alternate name will see a failure with an error message that the domain cannot be found.....*"
Justine
---------- Forwarded message --------- From: *James Galvin* Date: Fri, 29 Apr 2022 at 05:06 Subject: [NCAP-Discuss] OCTO-34 Challenges with Alternative Name Systems To: NCAP Discussion Group
This document was recently published by OCTO:
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
Although our focus is name collisions within the DNS infrastructure, we have stated that we would be remiss if we did not acknowledge that there are alternate namespaces and their impact on us.
I believe the aforementioned document by OCTO is informative to this concern. I have excerpted the Executive Summary here for your consideration and encourage all to review the document.
*"The Domain Name System (DNS) is a component of the system of unique identifiers ICANN helps to coordinate. It is the main naming system on the Internet. It is not the only one. Some predate it, and some others have been recently proposed in the wake of the blockchain approach of decentralized systems.*
*Proposing a new naming system is one thing. Making sure everybody on the Internet can use it is another. Alternative naming systems face a huge deployment challenge. A number of solutions exist to bridge the DNS to those parallel worlds, but they all come with their own set of drawbacks.*
*Furthermore, the lack of name space coordination, either between those alternative naming systems and the DNS, or simply among those alternative naming systems, will result in unworkable name collisions that could lead to completely separate ecosystems, one for each alternative naming system, further fragmenting the Internet. This is the exact opposite of the vision “one world, one Internet.”*
Thanks,
Jim _______________________________________________ _______________________________________________ CPWG mailing list CPWG@icann.org https://mm.icann.org/mailman/listinfo/cpwg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
_______________________________________________ CPWG mailing list CPWG@icann.org https://mm.icann.org/mailman/listinfo/cpwg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
Many thanks Justine for the post. You may be aware that, I have been working with the early owners of the Internet Kiosks nearly 20 years back. Admittedly, there was not much of advise from ICANN as such. Experiences taught me a valuable lesson: Word - of - Mouth and "Peer Group" command more trust and quick action rather than any branded documentation. During the past few years of the COVID - 19 crisis, I found the following ICANN blog very useful. "Ways of Trusting Internet Identifiers" at: https://www.icann.org/fr/blogs/details/ways-of-trusting-internet-identifiers... A quick excerpt: ICANN has responded by having an extremely open, transparent and accountable process. Trusted community representatives play an active role in the maintenance of the cryptographic keys, participating in ceremonies that people can watch either live or via recordings. Technical communities help shape the processes that govern the chain of trust for DNSSEC...... I ma sure you would appreciate that, it is a lot more than what you have very nicely included in the trace that reads: "UNLESS INTERNET USERS INSTALL SPECIFIC SOFTWARE OR CONFIGURE CERTAIN SETTINGS ON ALL OF THEIR DEVICES, THEY WILL NOT BE ABLE TO USE THESE NON-DNS NAMES." What is in a NAME? Sincerely, Gopal T V 0 9840121302 https://vidwan.inflibnet.ac.in/profile/57545 https://www.facebook.com/gopal.tadepalli ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Dr. T V Gopal Professor Department of Computer Science and Engineering College of Engineering Anna University Chennai - 600 025, INDIA Ph : (Off) 22351723 Extn. 3340 (Res) 24454753 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ On 2022-04-29 06:12, Justine Chew via CPWG wrote:
This came to my attention vide the NCAP Discussion Group and is a worthwhile read for those with concerns over name collisions in competing name spaces (please note that these sort of name collisions is out-of-scope for the NCAP Studies) and I would add to Jim's excerpt extracted from the document ......
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
"_A key reason to obtain a brandable domain is that it is easy to remember, pronounce, and spell. We also make assumptions. For example, you might assume that any potential customer anywhere in the world could use the domain name you select to connect with you easily, either by clicking on a link or typing the name into a browser, regardless of which platform the customer is using._
_This assumptions holds true when you get a regular DNS domain name. Once the proper DNS records and web servers for that domain name are set up, any user on the Internet can reach you. This is one of the most important advantages of the DNS: domain names can be resolved by anyone, anywhere on the planet, from any platform. Meanwhile, alternative naming systems have existed for a long while, but have remained marginal. More recently, various blockchains have introduced their own naming systems. Those are often promoted as real alternatives to the DNS._
_If you are using a name that is part of such an alternative naming solution, the above assumption no longer holds true. Resolving domain names in an alternative naming system requires a specialized bridge from the DNS world in order for the alternate names to work. What does this mean to the average Internet user? UNLESS INTERNET USERS INSTALL SPECIFIC SOFTWARE OR CONFIGURE CERTAIN SETTINGS ON ALL OF THEIR DEVICES, THEY WILL NOT BE ABLE TO USE THESE NON-DNS NAMES. In this circumstance, an Internet user clicking on a link with an alternate name will see a failure with an error message that the domain cannot be found....._"
Justine
---------- Forwarded message --------- From: JAMES GALVIN Date: Fri, 29 Apr 2022 at 05:06 Subject: [NCAP-Discuss] OCTO-34 Challenges with Alternative Name Systems To: NCAP Discussion Group
This document was recently published by OCTO:
https://www.icann.org/en/system/files/files/octo-034-27apr22-en.pdf
Although our focus is name collisions within the DNS infrastructure, we have stated that we would be remiss if we did not acknowledge that there are alternate namespaces and their impact on us.
I believe the aforementioned document by OCTO is informative to this concern. I have excerpted the Executive Summary here for your consideration and encourage all to review the document.
_"The Domain Name System (DNS) is a component of the system of unique identifiers ICANN helps to coordinate. It is the main naming system on the Internet. It is not the only one. Some predate it, and some others have been recently proposed in the wake of the blockchain approach of decentralized systems._
_ Proposing a new naming system is one thing. Making sure everybody on the Internet can use it is another. Alternative naming systems face a huge deployment challenge. A number of solutions exist to bridge the DNS to those parallel worlds, but they all come with their own set of drawbacks._
_ Furthermore, the lack of name space coordination, either between those alternative naming systems and the DNS, or simply among those alternative naming systems, will result in unworkable name collisions that could lead to completely separate ecosystems, one for each alternative naming system, further fragmenting the Internet. This is the exact opposite of the vision “one world, one Internet.”_
Thanks,
Jim _______________________________________________ _______________________________________________ CPWG mailing list CPWG@icann.org https://mm.icann.org/mailman/listinfo/cpwg
_______________________________________________ By submitting your personal data, you consent to the processing of your personal data for purposes of subscribing to this mailing list accordance with the ICANN Privacy Policy (https://www.icann.org/privacy/policy) and the website Terms of Service (https://www.icann.org/privacy/tos). You can visit the Mailman link above to change your membership status or configuration, including unsubscribing, setting digest-style delivery or disabling delivery altogether (e.g., for a vacation), and so on.
participants (4)
-
gopal@annauniv.edu -
Justine Chew -
Satish Babu -
Theo Geurts