RFC 9498 on the GNU Name System

RFC 9498 on the GNU Name System(rfc-editor.org)

142 points by stargrave 2 years ago | 37 comments

nabla9 2 years ago |

A distributed naming system intended to work with mesh networks like GNUnet.

GNS does not support names which are simultaneously global, secure and human-readable. Instead, names are either global and not human-readable or not globally unique and human-readable. In GNS, each user manages their own zones and can delegate subdomains to zones managed by other users.

For example, ICANN could just create 'DNS zone' that would embed DNS as a zone into GNS.

zcw100 2 years ago | |

Zooko's triangle https://en.wikipedia.org/wiki/Zooko%27s_triangle You can't have it all.

schanzen 2 years ago | |

Indeed that would work. In theory. Especially since we thought of that use case (delegation into DNS) with the GNS2DNS record type.

There is a BUT: You need an initial label for ICANN zone to resolve the names. Unless you have a resolver implementation that "hides" the zkey of ICANN in the UI. But technically, under the hood, a name for this ICANN zone would look like:

www.example.com.THEICANNZKEY...

ICANN could also publish the TLDs individually as zones, however, and you could have an "ICANN Start Zone" (see Start Zone in the RFC) consisting of the TLD/zone key mappings.

remram 2 years ago | | |

Since the TLDs are multiplying with no end in sight, using a zone key seems smart.

tecleandor 2 years ago | |

Or, I guess, "someone" could apply for a custom gTLD and link it. Of course, that "someone" would need the $200K needed to review the application and all that stuff :P

grothoff 2 years ago | | |

Eh, you realize that this very work on the GNU Name System prompted IETF to create the ".alt" zone for this purpose already, minus the $200k fee? Registration is open at https://gana.gnunet.org/dot-alt/dot_alt.html

extraduder_ire 2 years ago | |

I'd settle for global and not human readable, if it means I get a domain I can use as a CNAME on a nicer domain.

Dynamic dns services are nice and all, but needing to pre-register gets kind of annoying.

nine_k 2 years ago | | |

It can't possibly work, if you want your nicer domain to be globally unique.

If you don't, it depends on how local your domain needs to be; maybe all you need is a record in /etc/hosts on your home router.

chrismorgan 2 years ago |

Note that this is in the Independent Submission stream, Informational category:

> This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not candidates for any level of Internet Standard; see Section 2 of RFC 7841.

dfox 2 years ago | |

Which is the case for vast majority of RFCs.

ekr____ 2 years ago | | |

Some clarification might help here.

People usually think of RFCs as being the output of the IETF, and the IETF is the biggest contributor by far. Roughly half of the IETF's RFCs are standards or on what's called the "standards track" (most Internet standards are formally at the "Proposed Standard" rather than "Standard" level). The remainder have some other status such as "Informational".

However, there are also other entities that publish into the RFC Series, including the Internet Research Task Force (IRTF), and the Internet Architecture Board (IAB). In addition, there is what's called the Independent Stream, in which an appointed editor just determines what documents can be published. Importantly, this last category hasn't gone through the IETF consensus process: they're just something someone wanted to publish as an RFC and the Independent Series Editor agreed. GNU Name System falls into this category.

toomim 2 years ago |

Previous discussion of GNU Name System: https://news.ycombinator.com/item?id=32222360

ggm 2 years ago |

I have mixed feelings. A unitary root of naming and the dns is a huge value proposition to walk away from. Fitting gnu names under .alt is only partly ameliorative.

crotchfire 2 years ago | |

I see it exactly the opposite way.

Over time the unitary root of naming has attracted increasing levels of censorship, tracking, abusive seziure, and oppression.

The dream of a worldwide namespace has become a nightmare. Let's wake up.

Joker_vD 2 years ago | | |

...and do separate nation-wide namespaces? We have those already, and they're actually the main source of censorship, abusive seizure and oppression.

Also, whether there is one namespace root or many, we all still live in a single world.

zaphar 2 years ago | | |

Okay, you named some downsides of the unitary root. Now name the downsides of non-unitary roots.

Otherwise your proposal lacks the context to decide if it's a worthwhile tradeoff or not.

schanzen 2 years ago | |

Basically that means you have an issue with https://www.rfc-editor.org/rfc/rfc9476.html, not GNS.

GNS, in theory, could replace DNS (the technology) and reuse its current root governance model as default.

From the point of view of GNS namespace governance is separate from name resolution protocols. Of course, from the point of view of a lot of DNS folks, DNS is both: The governance (ICANN) and the technology (RFC 1035 et al) and indivisible.

Karrot_Kream 2 years ago |

Has anyone been following along with what the plan is for GNS? An RFC is quite cool but are there any zones being distributed over GNS to play around with?

schanzen 2 years ago | |

We are currently working on mirroring some DNS TLDs: https://www.gnunet.org/en/news/2022-11-NGI-Entrust-GNS-TLDs....

I have been a bit preoccupied with the RFC and other stuff recently, but its progressing.

Karrot_Kream 2 years ago | | |

Thanks! Big fan of the project, I've been following it for ages. Thanks for the hard work.

pierrelf 2 years ago |

Cool! Seems similar to Handshake domains?

toomim 2 years ago | |

GNS seems not to replace the actual names like Handshake -- but just the protocol for distributing the names across the network. [1]

[1] https://news.ycombinator.com/item?id=32223129