A System Is Only Secure When Nobody Has Total Control
— Caleb James DeLisle
- 1 Current state of DNS on Hyperboria
- 2 Efforts in decentralized DNS
- 3 Other Resolvers
- 4 Discussions
Current state of DNS on Hyperboria
You can use the current DNS to connect to some nodes in the Hyperboria. There isn't a decentralized solution yet. That doesn't mean that the current DNS can be useful even if it has it's flaws.
Using existing DNS infrastructure
When you need to ping your node a lot, copying and pasting the IP address becomes cumbersome. If you own a domain already you could set an AAAA-record to your fc00::/8 address.
If you plan on doing this make sure to create a subdomain which only has one AAAA-record. If a (sub)domain has an A-record and an AAAA-record it returns the A-record if the lookup came from an ipv4 host.
Usualy you will see
cjdns.example.com as Hyperboria domains. There are however some domains which are Hyperboria only but are still on the current DNS for easy usage (No new dns server need to be added). Example: uppit.us
Efforts in decentralized DNS
There are some project currently in development that try to accomplish a decentralized/distributed DNS. The person to contact is liamzebedee.
DIANNA is an Decentralized Internet Assigned Names and Numbers Authority. DIANNA uses Bitcoin Block Chain to implement an authoritative distributed name and numbers record storage.
DIANNA2 Decentralized key-value storage project without infinite blockchain storage and without currency capabilities (currently in Russian only)
- Securely register names (domains for example), no possible censorship!
- Trade and transact namecoins, the digital currency NMC.
Namecoin has gained (some) acceptance among the community, but there's been very little adoption.
Nxt is a peer-to-peer crypto-currency 2.0. Is has the ability to store aliases with arbitrary data and this has been leveraged to store domain name/alias to ip address mappings. In conjunction with a DNS bridge like NxtHypeDns it is possible to use the Nxt system and its aliases to resolve domain names into Hyperboria compatible ipv6 address right now. In fact there are already a dozen of the most popular hyperboria destinations registered within Nxt. Once these domains are transfered to their rightful owners (for free) then the address resolution can be trusted as long as they own their private keys.
This system is up and running right now, name registration costs 1 Nxt (0.03 cents) and takes about 1 minute to confirm.
Benefits over Namecoin is Nxt is a Proof-of-stake system, so no wasteful mining is involved. In fact the Nxt client can run on minimal hardware such as the Raspberry Pi. Nxt also has a very active development community.
Emercoin is a cryptocurrency like Namecoin that also has built-in support for DNS, providing a framework to store and maintain key->value pairs in its decentralized database. Emercoin DNS can support virtually any DNS zone however to prevent collisions with existing DNS zones, two main zones are supported: *.emc and *.coin. Each instance of the Emercoin software contains a simple built-in DNS server supporting the standard RFC 1034 DNS protocol. It is thereby possible to integrate Emercoin DNS into a regular DNS tree via a DNS proxy or full service DNS server.
P2P-DNS is an alternative DNS system which relies on distribution to be censor resistant. There is no central authority here! Records will be authenticated by a public/private key system, where only the owner of the private key can change the domain.
Web of Trust DNS
WoT-DNS is a proposal for a new P2P based DNS system.
This system decides where a domain name like reddit.wot should go based on your trust, as an invidividual; it does not care about the opinion of random strangers. You are the one who choose who's trusted and who's not, since it's using WoT (web of trust). Also, domain names are intentionally NOT globally unique, since the only way to achieve that is with a centralized service or a first-come, first-serve system like Namecoin, and I dislike both those solutions. This means that if you would ask for a sitename like reddit.wot, you could get many results instead of going straight to one site. But whenever one site is trusted (for you) much more than the rest (like reddit's official site would be), that's where you'll go.
— Author Unknown
Service Location Protocol
SLP is a protocol for finding services within a network. It does not resolve hosts, but rather services to hostname or IP. It can operate over multicast or unicast, with or without prior configuration. SLP supports authentication, but requires out of-band-key distribution. For more information see RFC 2608.
The Mesh-enhanced Service Location Protocol (mSLP), extended SLP with meshed Directory Agents that distribute service registrations by scoped namespaces. mSLP could potentially operate over CJDNS, but still has key distribution issues and may not scale well. See RFC 3528.
Zeroconf resolves hosts and broadcasts services without configuration, but with no authentication. Can be used over multicast or unicast networking.