
Can Namecoin obsolete ICANN (and more)? - hoggle
http://theumlaut.com/2014/02/05/namecoin-icann/
======
elidourado
Article author here. Just wanted to add that if any of you work for companies
that send engineers to the IETF, there is an Internet-Draft RFC that would
normalize the use of several P2P pseudo-TLDs such as .gnu, .zkey, .onion,
.exit, .i2p, and yes, .bit, which is what Namecoin is squatting on. Would be
great to see everybody supporting it.

[http://tools.ietf.org/html/draft-grothoff-iesg-special-
use-p...](http://tools.ietf.org/html/draft-grothoff-iesg-special-
use-p2p-names-02)

------
unlimited_power
I'll plug BitShares DNS--a Namecoin competitor I am working on--here:
[http://nmushegian.github.io/dns/](http://nmushegian.github.io/dns/)

Whitepaper and FAQ are not quite up to date but you get the idea. From:
[https://github.com/nmushegian/dns/blob/master/whitepaper.md#...](https://github.com/nmushegian/dns/blob/master/whitepaper.md#comparison-
to-namecoin)

\- Namecoin issues new coins to miners as a reward for performing merged
mining with the Bitcoin network. The namecoin supply is being inflated at
nearly 30% per year for several more months, then over 10% for the next
several years. Domainshares only ever shrink in supply, when fees are
destroyed as implicit dividends.

\- Namecoin attempts to service multiple namespaces at once. .p2p is highly
specialized for servicing the .p2p TLD namespace. The use case is the same as
Namecoin's "d/" namespace, which is used for the .bit TLD.

\- Namecoin's name registration price is fixed at any given time and is
independent of the name itself. Domainshares utilizes an auction-like mechanic
to incentivize price discovery for names, making sure the final owner pays
what it is actually worth. The majority of the final cost will have gone to
the network as dividends by the time the auction is over, with a small
fraction having gone to bidders as a reward for price discovery.

\- As a result of the fact that domains are expensive and there are dividends
on shares but not domains, there is a high opportunity cost to squatting:
holding a domain without making good use of it.

~~~
michaelt

      Domainshares utilizes an auction-like mechanic to 
      incentivize price discovery for names, making sure 
      the final owner pays what it is actually worth.
    

How would this work for, say, google.com ?

~~~
unlimited_power
We are still working on the exact mechanics (open to suggestions!), but the
simple first model is:

\- The price starts at 0 and people bid it up to the market value

\- If someone makes a bid B1, then someone makes a next bid B2 = B1 + D, then
person 1 receives (B1 + D/2) and the remaining D/2 gets paid as fees to
network (and thus become shareholder dividends)

\- This incentivizes people to bid up the price to what they consider the
market value, because of the extra portion they receive when they are outbid

\- This also disincentivizes squatting because you will pay more for buying
and selling the domain than you would have received as network dividends had
someone else just bought the domain

~~~
michaelt
So if I buy a cheap unused nonsense word domain (say wikipedia.org) and turn
it into a valuable domain by making a popular website many people visit and
link to, 'the network' gets to shake me down because wikipedia.org is worth
$20,000,000 now instead of the $20 I paid for it?

And as an end user, I don't know if visiting or e-mailing wikipedia.org will
take me to an encyclopedia or a cybersquatter or a porn site?

Who exactly benefits from this system, except for 'the network'?

~~~
oco101
Not sure what you mean exactly but it works like that : Once you buy your
domain at 20$ is is yours and you do whatever you want with it. The bidding
auction applies only the first time you buy it nobody can touch your domain
name one you purchased it.

------
quasque
I expect it will obsolete ICANN as effectively as AlterNIC, New.net, OpenNIC,
etc.

The technical fact that it is blockchain-based really doesn't make much
difference as it's incredibly unlikely to be adopted worldwide, due to the
network effect of the already-established domain name system.

~~~
brownbat
The telegraph, MySpace, and AOL had network effects.

It's a hurdle, but it's not insurmountable. The question is whether namecoin
provides anything sufficiently more appealing to all players to overcome that
headwind...

~~~
quasque
As it stands now, a domain name owner in the current system probably has more
risk from domain hijacking than authoritarian censorship.

So the main feature of Namecoin - to provide a censorship-resistant,
cryptographically untamperable set of domain name records - is also its
biggest disadvantage, as recovery of any stolen domain names is entirely up to
the goodwill of the thief.

This reason alone would make it very unappealing for most domain name owners,
because as well as going against the established domain name system, it must
also break societal expectations of redressing thefts through legal means.

~~~
larrys
"So the main feature of Namecoin - to provide a censorship-resistant,
cryptographically untamperable set of domain name records"

And the above means zilch to the majority (let's pick an arbitrary 95%) of
domain name owners (source: I am intimately involved in this business since
the start and deal with these owners)

Do people seriously think that the millions of existing domain name owners are
going to undo years of marketing effort for something that they don't even
need? Local restaurant for example has no issues with censorship at least with
respect to their website.

~~~
quasque
I agree. It may have a solid use case in providing name services alongside
existing anti-censorship, anonymised networks like Tor and I2P, but for
mainstream use Namecoin provides no benefit.

It's an interesting experiment though.

------
doctoboggan
I am using namecoin to resolve bittorrent sync secrets in my distributed
browser Syncnet:

[https://github.com/jminardi/syncnet](https://github.com/jminardi/syncnet)

It was fairly easy to integrate

~~~
higherpurpose
Why not use the open source Clearskies instead of BTSync?

[https://github.com/jewel/clearskies](https://github.com/jewel/clearskies)

~~~
dfc
Did you intend to link to a repository of markdown files?

~~~
doesnt_know
I don't know anything about the project but it looks like there is a working
implementation of the protocol in ruby in that linked repository (just not in
the master branch).

There is also an in-progress c++ implementation of the protocol in a different
repo [1].

Even so, it's pretty clear that the thing isn't ready yet and even states that
it shouldn't be used for anything other than test data.

[1][https://github.com/larroy/clearskies_core](https://github.com/larroy/clearskies_core)

------
gomox
I have been looking at *coins for a while and the implications of the
blockchain-based concensus system are interesting.

The system really maps the real world onto computers very well, in that it
reduces what used to be technical issues to "political" issues. These systems
work on concensus, and as such, require a significant amount of interested
parties to work in the expected way. They are very much subject to network
effects that only occur after critical mass is reached.

Namecoin, in particular, was subject to a major security issue last year:
[http://www.reddit.com/r/Bitcoin/comments/1ohyom/fatal_flaw_i...](http://www.reddit.com/r/Bitcoin/comments/1ohyom/fatal_flaw_in_namecoin_found_doesnt_enforce_some/)

Blockchains are being used to implement solutions to different problems, and
they could really solve some significant problems such as decentralized
identity and reputation management (!). The difficulty lies in creating a
significant enough "currency" so that miners will become involved and make the
blockchain stable and reliable.

Bitcoin is a currency in a much stronger sense than namecoin or any other of
"not-really-money-coins" around. I wonder if piggybacking on bitcoin might
actually be the solution for this situation (i.e introduce other information
in the bitcoin blockchain instead of using a brand new one).

Sadly, adding external information to the blockchain could be construed as
"spamming the blockchain" and therefore not deemed worthy for inclusion in the
bitcoin blockchain by miners. So there is a big challenge there.

If you are interested in this topic and want to work on related projects feel
free to reach out (google my username).

~~~
elidourado
> Blockchains are being used to implement solutions to different problems, and
> they could really solve some significant problems such as decentralized
> identity and reputation management (!). The difficulty lies in creating a
> significant enough "currency" so that miners will become involved and make
> the blockchain stable and reliable.

Author of the original article here. Namecoin is actually merge-mined with
Bitcoin, so miner participation is not a serious problem. There's no way you
could have known that without happening to know that, though, and I agree that
this is an issue for a lot of new blockchain-based technologies.

~~~
gomox
Maybe I've misunderstood it, but how does merge mining create an incentive to
mine namecoins? I figured all it did was make it "cheaper" to mine namecoins
by "reusing" work done for the bitcoin blockchain. In order for the namecoin
network to function, you still need to actively get involved with it.

Here's some information on merge-mining for anyone else involved:
[http://bitcoin.stackexchange.com/questions/273/how-does-
merg...](http://bitcoin.stackexchange.com/questions/273/how-does-merged-
mining-work) [http://dot-bit.org/Merged_Mining](http://dot-
bit.org/Merged_Mining)

~~~
elidourado
Most of the major Bitcoin mining pools also mine Namecoin. The current
Namecoin hashrate is around 60% of the Bitcoin hashrate.
[http://bitinfocharts.com/comparison/hashrate-btc-
nmc.html](http://bitinfocharts.com/comparison/hashrate-btc-nmc.html)

~~~
gomox
Well, that's a lot! I didn't expect it to be significant compared to the
bitcoin pool.

Do you know how that came to be? i.e how did they convince everyone to start
mining namecoin? Or was it just good timing WRT bitcoin?

~~~
wmf
Merged mining has good incentives since it basically gives free money; for the
same work of mining Bitcoin you can mine Bitcoin and Namecoin simultaneously.

------
rakoo
Note that you can use namecoin blockchain with your DNS and HTTP tools with
dnschain [0]. Check this out:

$ dig @dns.dnschain.net okturtles.bit

$ curl
[http://dns.dnschain.net/d/okturtles](http://dns.dnschain.net/d/okturtles)

Both of them will resolve to whatever info is stored in d/okturtles domain.

With the (soon-to-be) DANE support (for those who forgot: DANE is about
distributing TLS keys through a channel you trust (it comes from the domain
you're visiting) but that is not the same as the final application (it's DNS,
not HTTP/SMTP/IMAP/XMPP/etc), so you can prevent MiTM), I don't see what's
missing technically to have our own internet.

[0]
[https://github.com/okTurtles/dnschain](https://github.com/okTurtles/dnschain)

~~~
nly
> DANE is about distributing TLS keys through a channel you trust

Only to the extent that you and your visitors already have to trust your DNS
provider, your domain registrar, the TLD registry, and the DNS root. Neither
DANE nor DNSSEC intrinsically solve anything that hasn't already been solved
for end users... particularly when you consider forwarders will have to accept
unsigned zones for years to come.

Namecoin etc does go some way to "squaring Zooko's triangle" (as many good
minds have discussed already) but proof-of-work chains have their own burdens,
and are not any more immune to the lure of trading robustness and security for
convenience than traditional DNS forwarders, online DNSSEC signing, or
webmasters offering up their SSL certificates up to CDNs.

~~~
rakoo
> Only to the extent that you and your visitors already have to trust your DNS
> provider, your domain registrar, the TLD registry, and the DNS root.

Which is not something I want to do, hence my push for namecoin :)

> proof-of-work chains have their own burdens

Do you have more information about how it can be detrimental to namecoin,
specifically distributing DNS information ?

------
zimbatm
Do namecoins have to be renewed or are we going to have old good domain names
infinitely unavailable because someone forgot their key ?

~~~
elidourado
They have to be updated around every 36,000 blocks (about 250 days), or else
you relinquish the name. It can be just a "touch" update, no need to change
the information.

~~~
ycombasks
Do you have to pay the 0.01 fee to update?

------
chime
Can I register google.bit, facebook.bit, apple.bit, oracle.bit, and
microsoft.bit for a total of $0.25? Can they do anything to get it back?

~~~
GigabyteCoin
No, you could not register those names. Because they are already registered.

They could ask very nicely for ownership of them, or perhaps send you a court
order depending on what country the both of you were located in. But unless
you provide them with the private key or fail to renew your registration...
nobody should ever gain control of any .bit domain.

A Kraken.com dev looking into the namecoin code found a flaw and declared on
the Namecoin blockchain that "Namecoin died October the 15th 2013, coinslayer"
by re-writing the DNS values for the very first .bit domain ever registered
(which is bitcoin.bit).

The flaw allowed for some people to "steal" domain ownership, but a patch was
put through and everything is back to normal now. As far as I know, all
domains are back in the hands of the original registrars.

This link shows the entire debacle taking place:
[http://explorer.namecoin.info/n/1](http://explorer.namecoin.info/n/1)

~~~
tomp
> No, you could not register those names. Because they are already registered.

Who are they registered by?

~~~
chnx
You can explore the blockchain here:
[http://explorer.namecoin.info/](http://explorer.namecoin.info/)

~~~
Perseids
So we don't actually know who the owner is, if the best information we've got
is a blockchain lookup?

------
ChuckMcM
Given the news around bitcoin one could imagine that stealing 'google.bit' out
of the google wallet[1] would be a pretty lucrative target.

[1] No I don't really think Google would let that happen but Bob's Bakery Buns
might and it could cost him his business.

~~~
notahacker
Bob's Bakery Buns isn't likely to pick a web address that - at this stage -
requires potential visitors to his site to download a plugin to find it. I'd
be interested to see what percentage of major brands' .bit addresses become
owned by the brands rather than squatters. If the latter percentage is
sufficiently high you can pretty much guarantee that fear of phishing will
make browser vendors very wary of seamlessly integrating .bit resolution into
the standard browser build.

------
ericmsimons
How long does it take to resolve a namecoin key=>value pair? Considering the
variable speed in these sorts of decentralized networks, is there a noticeable
lag when you initially request a .bit website?

~~~
rakoo
All the blockchain is local. The time taken to resolve a key->value pair is
the time your software takes to decode information from your disk; it's
nothing compared to DNS.

Change propagation, on the other hand, is as long as blocks can travel from
peer to peer.

~~~
VikingCoder
Hmm - if your ISP has a good DNS, and has a cache hit on your DNS request,
versus if you have to seek your HD, the DNS might be much, much faster.

[http://www.eecs.berkeley.edu/~rcs/research/interactive_laten...](http://www.eecs.berkeley.edu/~rcs/research/interactive_latency.html)

Round trip in same datacenter: 500,00ns.

Disk seek: 4,000,000ns.

You have to lean on the numbers pretty hard to make the DNS faster, but it's
possible it could be faster than your local disk.

~~~
al2o3cr
Pretty sure the intersection of the set of people who worry about DNS
performance and the set of people who are still running servers exclusively
off spinning rust is nigh-vanishing...

------
stormbrew
To me the real problem with namecoin for the purpose stated in the title of
this post is that it doesn't emphasize delegation to near the degree necessary
to achieve it. The current implementation is much more like the older name
system in that it requires the list of canonical names to be distributed as
widely as possible.

There is a reason the root nameservers only delegate the act of name lookup at
the top level. It's just not practical for them to have a complete list, and
it's not even particularly desirable for users of it to have their list of
names completely public (think internal servers).

It is possible to name a delegate nameserver through namecoin, I believe, but
last I looked it was a bit iffy and it doesn't require any kind of
authentication of results from the delegated nameserver a-la dnscurve.

~~~
Rhapso
The realistic use case is to use a tree-structure similar to the one we have,
then use namecoin as verification.

------
bikamonki
Why do we asume that domains have to be 'unique' like trade/brand names? I
have a name, shared with my grandfather, father and son; in the right context,
you would never confuse one for another. Furthermore, my name is shared by
probably thousands in my country; again, I have never been confused with any
of them. So, if the whole point is to translate human readable (and memorable)
words to IPs, and in the event that the DNS returns more than one result,
can't the browser display a search-results-like page letting one know there
are options? Wikipedia does it and that is THE descentralized knowledge store
of the planet. Maybe if I type homes.com I mean local homes first, like Google
rankings, but is ok if someone else is using homes.com elsewhere.

Think about it...

~~~
dfc
Does Jon Postel's ghost decide if I want local or non-local homes when I send
email to bob@homes.com?

Side note: Wikipedia is _NOT_ the decentralized knowledge store of the planet.
There is nothing decentralized about wikipedia.

------
mrfusion
Has anyone created an easy to use name coin registration system so non-
technical people can register names?

It seems like that would be a good opportunity?

~~~
elidourado
There is [https://dotbit.me/](https://dotbit.me/) , but who knows how
reputable that site is? Just as Bitcoin needed something like Coinbase, the
Namecoin ecosystem needs a web wallet with reputable backing.

~~~
mrfusion
I guess not necessarily even a wallet.

A non technical user shouldn't even have to own or even know about name coins.

They simply want a way to register a cheap, non-censorable domain, right?

I'm imagining someone would make a service that offers that.

------
cordite
So, what happens if your domain gets hijacked?

~~~
GigabyteCoin
Domain hijacking is impossible without access to the private key that controls
the information written in the blockchain concerning that domain.

If somebody gets your private key, they can "steal" your website away from
you, sure. Just don't let anybody access your private key.

~~~
PeterisP
So, your answer is - if your domain does get hijacked, then you're out of luck
unless you pay the hijacker? That's a serious flaw.

Most people _don 't_ want their technical infrastucture to be immune to law
enforcement, just the contrary.

~~~
GigabyteCoin
That's not my answer.

That's how Namecoin works.

Namecoin is just a name/value store system. That's it. It might not be perfect
for DNS but it's being used for other things like
[https://onename.io](https://onename.io) right now.

The public can choose to use it in it's current implementation or build a
better way of dealing with domain hijacking should they so choose.

~~~
PeterisP
Sure, it has a wide variety of niches which it fits greatly, and where it can
be successfully used - but if anybody considers it as a solution to obsolete
ICANN, as the original article proposes, then it's an entirely different
ballpark than being just a name/value store; and rather different criteria for
success.

------
thisiswrong
"(...) the cryptographic-decentralization Zeitgeist makes it an exciting time
to have and use names"

Yes. Very true. For anyone interested in the above statment i'd highly
recommend checking out [http://twister.net.co/](http://twister.net.co/) \- a
decentralized micro-blogging spin-off of bitcoin. Unbelievable innovation is
happening!

------
gdh73
Why is it called Namecoin and not something like Bitname or Bitdomain?

~~~
GigabyteCoin
That's just the name that the original founding coder (vinced from the
bitcointalk forums) chose and nobody has wanted or bothered to change it:
[https://bitcointalk.org/index.php?topic=6017.msg88356#msg883...](https://bitcointalk.org/index.php?topic=6017.msg88356#msg88356)

Some chose to refer to it as the dot-bit project as well.

I have never seen any arguments over the name.

namecoin == nmc == dot-bit

------
dual
MeowBit is system service for Windows which allows for resolution of dot-bit
domains across all applications. [http://meowbit.com](http://meowbit.com)

------
transfire
Could we just get rid of naming _authorities_ all together? Why not just let
trusted _listing agencies_ handle it and users can simply pick the one(s) they
wish to use. For instance, let's say I want to publish a website under the
name "sony". Okay, that's fine, but it's going to get a lower priority then
the offical Sony, Inc. site b/c any listing agency is obviously going to serve
up that site when a user puts "sony" in their browser's address bar. However,
a user could opt for an alternate listing agency --maybe one the offers no
commercial listings, and then maybe my site would come up through them.
Browsers could make it easy to switch between listing agencies and prioritize
them.

~~~
olalonde
This is already possible with the current DNS system. The listing agencies are
commonly called "DNS servers" and they may chose to disregard the
_authoritive_ DNS servers. End users can typically list which DNS servers they
want to use by order of priority within their OS/browser DNS settings.

