Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
The Internet

Inside the Rise of the Domain Name System 74

Posted by CmdrTaco
from the it-sucked-back-then-too dept.
Greg Huang writes "Looking back, it's almost impossible to believe that for most of the 1990s, a single company, Network Solutions, had a government-issued monopoly on registering domain names on the Internet. And considering how central the company was to the growth of the Web, it's surprising how little of the company's back story — how it got into the domain name business, or who owned it — has been told. Xconomy has an in-depth interview with two former executives from SAIC, the secretive San Diego defense contractor that bought Network Solutions in 1995 for $5 million and sold off the domain registration business in 2000 for billions of dollars."
This discussion has been archived. No new comments can be posted.

Inside the Rise of the Domain Name System

Comments Filter:
  • Single entity (Score:5, Informative)

    by sopssa (1498795) * <sopssa@email.com> on Thursday July 30, 2009 @10:39AM (#28882941) Journal

    It's interesting that Network Solution was the only handler for domain registration back in 90's and while there are lots of registrars now, they still work under ICANN. Yeah the usual argument in slashdot is that you could always start your own tld, but nobody is going to support it unless you're high in chain, aka ICANN.

    Interesting aspect was a few months ago when EU wanted more freedom from ICANN [slashdot.org] and its association with US. Currently the internet domain name system is pretty much controlled by one entity, which isn't really the purpose of internet, and its also why Network Solution was taken off the domain registration game as the single player. Monopoly is never good.

    Fact is, currently DNS still relies entirely on *one entity*. It goes completely against the distributed structure of the internet.

    • Re:Single entity (Score:5, Informative)

      by Shakrai (717556) on Thursday July 30, 2009 @10:47AM (#28883077) Journal

      Fact is, currently DNS still relies entirely on *one entity*. It goes completely against the distributed structure of the internet.

      So do IP address assignments. So do AS number assignments. Why does nobody ever complain about them? If you want something to be uniquely assigned (domain names, IP addresses, AS numbers) then it seems to me that it's going to have to be centrally managed by someone.

      • Re: (Score:3, Insightful)

        by sopssa (1498795) *

        So do IP address assignments. So do AS number assignments. Why does nobody ever complain about them? If you want something to be uniquely assigned (domain names, IP addresses, AS numbers) then it seems to me that it's going to have to be centrally managed by someone.

        I would.

        However, IP address assigment is not handled by single entity. Theres separate organizations for north and south america, europe, africa and asia. So you're missing the point there.

        • by Shakrai (717556)

          However, IP address assigment is not handled by single entity. Theres separate organizations for north and south america, europe, africa and asia. So you're missing the point there.

          And who do you think gives those organizations the address pools that they hand out?

          • Re: (Score:1, Funny)

            by Anonymous Coward

            The answer to that is obvious: God.

            Duh.

        • by Imagix (695350)
          Actually it is done by one entity. However, IANA turns around and allocated large blocks to ARIN, RIPE, etc. Same idea with the DNS. .com, .edu, .ca, .nz are pointing at other DNSes.
      • by Yvan256 (722131)

        But that someone should be distributed, i.e. a group instead of a single entity. And the systems should be distributed and mirrored too.

        • Re: (Score:3, Insightful)

          by Shakrai (717556)

          But that someone should be distributed, i.e. a group instead of a single entity

          Why?

          And the systems should be distributed and mirrored too.

          The systems are distributed and mirrored. There isn't a single root server for the entire internet running in ICANNs basement......

          • But that someone should be distributed, i.e. a group instead of a single entity

            Why?

            And, more importantly, how?

      • Re: (Score:3, Informative)

        by ivan_w (1115485)

        I could be wrong but I was under the impression that, actually, IP address blocks and Autonomous System numbers are managed by LIRs which get their blocks from RIRs (like RIPE, APNIC, ARIN, etc..) (except Europe which has no LIR) which in turn get their blocks from ....

        The IANA (Internet Assigned Number Authority)

        And ICANN also gets its authority from IANA.

        So it's not centralized per-se, but it's highly hierarchical

        --Ivan

        • by Melkman (82959)
          Where do you get the idea that Europe has no LIR's ? I think RIPE NCC [ripe.net] would disagree.
          • by ivan_w (1115485)

            Ok.. Under RIPE terms, it seems ISPs & such (RIPE members) are LIRs in their own respect.

            I was referring to LIRs as entities being solely responsible for a geographic territory and for the aggregate resources assigned to them by a RIR - as a subdivision of the RIR (the same way as country TLD organization is responsible for assigning zones within a country TLD).

            But nonetheless, RIPE 'LIRs' are nothing much but 'members' or 'customers' since each and every assignment made by a 'LIR' has to be approved by

      • Re:Single entity (Score:5, Insightful)

        by jjeffries (17675) on Thursday July 30, 2009 @12:38PM (#28884709)
        Remember when ICANN routed all unassigned IP space to a helpful web page full of advertisements, breaking many other things in the process?

        Me neither.
      • by dakra137 (1590245)
        There is a concept of a Globally Unique Identifier (GUID) http://en.wikipedia.org/wiki/Globally_Unique_Identifier [wikipedia.org] which, if it were assuredly globally unique, would eliminate the need for both a central dispenser and a registry of unique addresses. Since there is a remote possibility of collisions, where two entities generate the same GUID, a registry is a good thing in cases where it really matters. A central dispenser is not really necessary. This applies to addresses, not names. A dispenser is needed
    • Re: (Score:2, Interesting)

      by kwanbis (597419)
      I still remember the first time i had to call Network Solutions, for a domain issue. I was given this name, and they picked up the phone, and it was like i had called a person's house. Very unprofessional. And i thought, this must be a mistake, this is "international network", it can not be a private company. It was.
      • by treeves (963993)
        Like you called a person's house? In what way? In that you immediately talked to a human being rather than complex interactive voice response system. That's bad? Oh, wait...this is /.
    • Re: (Score:3, Informative)

      by jeffmeden (135043)

      Fact is, currently DNS still relies entirely on *one entity*. It goes completely against the distributed structure of the internet.

      Fact is, there needs to be cooperation if there is going to be ONE internet. Your argument only stands if there were two entirely distinct distribution mechanisms (physical networks) controlled by one entity. Given that there is only ONE network, it makes sense that at some point there needs to be a top level of control. Without it, you get wrestling for control, dirty tricks, etc. which is just as much a bad thing as is a (transparent) monopoly.

    • by AP31R0N (723649)

      i'd get rid of TLDs altogether. There's no reason for allowing WhiteHouse.gov and WhiteHouse.com. WhiteHouse should lead to whoever registered it first unless there is a trademark involved. Only Coca Cola should be able to own CocaCola or c0cac0la.

      • Re: (Score:3, Insightful)

        by Unordained (262962)

        ... if that means that megacorps also can't go around buying up dozens of extra domain names for no really good reason -- one for every special deal they ever offer, every product, every movie they put out, every ... whatever, then sure. You get what you get, and that's it. But that's not going to happen.

        Trademarks are essentially local. Two companies can even operate under the same name, as long as they're not getting in each others' way, creating confusion -- by being in the same market (by product or are

    • by davecb (6526) *

      Everything used to be assigned or registered by IANA, which was a few chaps in their copious spare time (;-))

      Mind you, if you didn't require renewal and charge money, you could do it with a very small company under contract.

      --dave

  • There was a definite advantage in terms of ICANN enforcement of registrar responsibilities when there was only one registrar. Now that we have hundreds or thousands of registrars, we have all kinds of nonsense going on in blatant violation of registrar accreditation terms and ICANN can't keep up with the problems. Which apparently lead ICANN to their new strategy - nothing. Now we have unscrupulous registrars all over the world selling domains to bogus registration information, making it much more difficult to uncover who is really behind various nefarious acts on the internet (including but by no means limited to spam).

    So in the end, the monopoly was indeed broken up, but the consumer lost, and lost big.
    • agreed (Score:3, Interesting)

      for most industries (consumer electronics), it should be an unregulated or lightly regulated free-for-all. this maximizes consumer value

      but there are certain industries where a regulated monopoly makes sense (electricity grids) and competition actually decreases consumer value

      and then there is a third category: certain industries where a regulated OLIGOPOLY makes sense (cable) and competition beyond a select few actually decreases consumer value, and at the same time dominance by one player decreases consum

      • and then there is a third category: certain industries where a regulated OLIGOPOLY makes sense (cable) and competition beyond a select few actually decreases consumer value, and at the same time dominance by one player decreases consumer value as well

        Are you really arguing that the current market for cable in the US is in a good position?

        Far as I can tell from watching Slashdot (I don't live in the US) it's an oligopoly, it's regulated (FCC) and it's about as good as voting is in Belarus [wikipedia.org] ...

        And how about th

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      There was a definite advantage in terms of ICANN enforcement of registrar responsibilities when there was only one registrar.

      Take off your rose tinted glasses, please. Have you forgotten the exorbitant charges for domains when NetSol were the only player in town? May not seem like a big deal to a business, but it certainly prevented the internet from expanding as quickly as it could have, but sooner, due to the lack of affordable options to people who were online at the time. I sure as hell would have had my own domain a lot sooner if it wasn't for the fees that NetSol was charging... and everyone knew it monopolic overcharging t

    • by alen (225700)

      you must be new here

      10 years ago the big discussion here was how unfair it was thet NSI was the only domain name registrar, how it was so corrupt, and how it would be all better once the monopoly was broken

    • Quick note regarding "hundreds or thousands" of registrars:

      For those that don't know, quite a few of those "registrars" listed at http://www.internic.net/alpha.html [internic.net] are used for drop catching (referring to pending deletes, not partner auctions). They're created by the parent companies of Snapnames, Pool and Namejet (obvious ones look like enomxxx). An accurate count of "valid" registrars would include those with standard registar pages and public facing whois. These are arguably on the up-and-up; others

  • Peer to peer db's? (Score:4, Insightful)

    by Anonymous Coward on Thursday July 30, 2009 @11:19AM (#28883469)

    You know, I'm not sure some of you people know how the Naming system works. The difference between the Root Zone and some registrars like Network Solutions(at present)are night and day. If you think a single source of accurate data can be distributed between different companies in different nations, you are high. Really, there are so many things you aren't considering that you short start by considering swallowing your tongue. In the end, there can be only one. It's not that they're just so unhip- it's physical reality.

    And I would comment further, but I shouldn't because I actually know what I'm talking about.

  • >>"Looking back, it's almost impossible to believe that for most of the 1990s, a single company, Network Solutions, had a government-issued monopoly on registering domain names on the Internet." ---Yes, it's amazing that when a brand-new industry formed, there was initially a single dominant company performing a service. We all know that never happens. Usually, an entire slew of stable companies pops up out of thin air and immediately begin filling those service needs.
  • Perhaps a more personal story is the life of Jon Postel, one of the creators of the DNS and the first top level domain administrator. There is a good story about how he held this position almost until his untimely death and the infamous DNS root incident that occurred shortly after he died. I had also heard that Jon held the domains a.com thru z.com. If he had lived into this century, he could have retired on the money that he could have sold them.

    BTW, I believe that most OSes still can have a hosts.t
  • Oblig. (Score:3, Funny)

    by rrohbeck (944847) on Thursday July 30, 2009 @12:02PM (#28884121)

    DNS became self aware at 2:14 am EDT August 29, 1997.

    Be afraid, very afraid.

    That said, it's time for distributed secure name resolution. Those name servers are just too easily messed with. There are many approaches, mostly used in P2P, from Kad to Freenet.

  • by Phroggy (441) <slashdot3NO@SPAMphroggy.com> on Thursday July 30, 2009 @12:08PM (#28884211) Homepage

    Slightly off-topic, but just a reminder: have you patched the BIND security hole [slashdot.org] yet? If you're running BIND 9 and your server is the master for any domains (including localhost), and you haven't patched this week, one malicious packet can crash your server.

    If you have a master nameserver on a private network or behind a firewall, and your public-facing nameservers are all slaves with no master zones at all, you're safe. If your infrastructure is set up like that, except you use rsync over ssh to send updated zone files to your "slaves" but they're actually configured as masters, you're vulnerable. Contrary to what you may have heard, it does not matter whether you use dynamic updates (e.g. from dhcpd) or not.

    This firewall rule blocks all dynamic update requests, including the exploit, on recent versions of Linux (but didn't work on any of my DNS servers, because they're all running older distros):
    iptables -A INPUT -p udp --dport 53 -j DROP -m u32 --u32 '30>>27&0xF=5'

    Of course if you're running djbdns or something else, you can continue to be gleefully smug.

    • by Techman83 (949264)

      Slightly off-topic, but just a reminder: have you patched the BIND security hole [slashdot.org] yet? If you're running BIND 9 and your server is the master for any domains (including localhost), and you haven't patched this week, one malicious packet can crash your server.

      Crashing your server, now that's a bit extreme. It actually causes Bind9 to exit [isc.org] on the master server. Which whilst inconvenient, isn't worth being to histerical about. Any DNS admin worth his salt has geographically and network disperse slave servers to handle queries when the primary cannot be contacted.

      I did an
      apt-get update && apt-get install bind9
      yesterday, so my master dns server is safe now [net-security.org]

  • Get rid of TLDs! (Score:5, Interesting)

    by qazwart (261667) on Thursday July 30, 2009 @12:49PM (#28884865) Homepage

    Get rid of all the top level domains except for the country ones. No more .com, .net, .edu, .org, and all the stupid new ones recently concocted.

    Instead, you just have the country level domains, and allow each country to control their domains the way they see fit. In most countries a domain name would be handled like any other trademark issue.

    In the U.S., you'd eliminate domain name squatting since you must show some sort of actual activity to retain a trademark. Buying "Sporf.com" and sitting on it in hopes that a company called "Sporf" will have to buy the domain from you will no longer be a good business model.

    Will greedy capitalist evil corporations steal your domain? All you have to do is show that you've actively used the domain (and not just merely have a parking page), and that you've registered your trademark with the correct authorities (something that could be done by the domain registrar where you bought your domain).

    In the U.S., domains can be done on a local basis (memphis.tn.us), on a state basis (state.tn.us), or on a national basis (com.us). This way, two local shops called "The Flowerpot" -- one in chicago and one in memphis -- could have the same domain: flowerpot.memphis.tn.us and flowerpot.chicago.il.us. National companies like Apple and Microsoft could get their domains registered as apple.com.us and microsoft.com.us.

    The .com domain could become a virtual domain. You type in a company name with a .com suffix, and your browser will search your local area, then the state, and then nationally for a company with that domain prefix. Thus if I live in Memphis and type in "Flowerpot.com", I get flowerpot.memphis.tn.us. If I lived in Chicago, I get flowerpot.chicago.il.us.

    This would allow us to get rid of TDL sprawl (.name, .info, .biz, .mobi, etc.) that isn't benefiting anyone but GoDaddym It would eliminate all the sniping the the U.S. controls domains because they'll only control the .us domain. And, it would greatly simplify the whole domain registration process.

    • by sakshale (598643)

      That sounds like a nice, clean, scalable solution to me.

    • The biggest mistake was a naive belief that TLDs would be respected, with their silly .com, .org, etc. It created a royal mess of duplicate domain names with irrelevant TLDs as the only difference. Now companies have to buy up .com, .org, .net, etc to protect their domain name, otherwise someone will use other TLDs to sucker in unsuspecting victims into scams.

      Getting rid of TLDs would be painful, but it needs to be done to restore a semblance of sanity. We can then have truly unique domain names and avoid n

      • by dwye (1127395)

        > The biggest mistake was a naive belief that TLDs would be respected, with their silly .com, .org, etc.

        No, the biggest mistake was opening the domain registration process so that every Tom, Dick, and Harry thought that they should have their own. Things were much better controlled when the domain fees were too high to make fake domains worth it except for those with a real interest and those with an obsession.

        > Now companies have to buy up .com, .org, .net, etc to protect their
        > domain name, othe

    • Re: (Score:3, Insightful)

      by evilviper (135110)

      Instead, you just have the country level domains

      Oh good. Then anyone with international interests has to maintain several hundred domains, to make sure they are easily found by people around the world looking for them...

      Buying "Sporf.com" and sitting on it in hopes that a company called "Sporf" will have to buy the domain from you will no longer be a good business model.

      Oh good. Then it'll just be Sporf farm equipment fighting with Sporf housewares, and Sporf online store, fighting it out for control of

      • by hitmark (640295)

        they do most of the time these days anyways, having the national ones point back to a global one under .com with a sub-page for that nations language.

    • by hitmark (640295)

      allow me to join that banner, as i have been advocating the same opinion for quite a while now.

    • by thomasdn (800430)

      Will greedy capitalist evil corporations steal your domain? All you have to do is show that you've actively used the domain (and not just merely have a parking page),

      What if I have never used the domain for web pages, but have used it for e-mail? How do you prove/disprove that?

      and that you've registered your trademark with the correct authorities (something that could be done by the domain registrar where you bought your domain).

      I have the domain thomasdamgaard.dk [thomasdamgaard.dk], which is not a registered trademark but a personal name. Shouldn't I be allowed to own this domain?

      What if I think a domain, say, foo.tld is a cool name for a website, I plan to make. Shouldn't I be allowed to use that? Say I register the domain in 1999, but then in 2009 some company called Foo Inc. wants the domain. Maybe the company even has a trademark

  • Before there were domain names you had to upload a new /etc/hosts periodically. These became unwieldly were the internet increase to more than ten thousand sites.
  • SAIC is "secretive"? Uh, ok, sure they do some military work, and a couple floors of their office building have security checkpoints you have to pass through since they work on various classified stuff, but they're hardly secretive. They do a lot of different stuff, and a number of my friends worked their over the years. Hell, when I was working on VR arcade games back in the day, they invited my dad and I over to their complex in La Jolla to try out a new VR racing game they'd developed.

    Looking back on tha

    • Agreed. I'm a Sysadmin of the "secretive" SAIC. It's funny to hear us described like that.

      I do especially like the "dirtbags" tag for NS, though. I can't stand them, even though we do get bottom-barrel pricing through them here at SAIC (via secretive back-room dealings).

      I use Gandi.net for my personal domains. They seem to be the antithesis of poor registrars such as GoDaddy and NS.
      • by dwye (1127395)

        > even though we do get bottom-barrel pricing through them here at SAIC (via secretive back-room dealings).

        You at SAIC once owned part of Networks Solutions (you may still, for all that I know); I expect this is why, and I expect that the dealings were not very secretive, either. I know as SAIC also once owned part of the company that I worked for, as well, back in the late 1990s.

        • Indeed. That's why I was saying that we get bottom-barrel pricing. I'm sure we cut some kind of deal with NS when they departed.
  • Karl Denninger (who now makes his living from his Florida retirement home, trying to break the story on how Goldmann-Sachs used network taps to frontrun all trades on Wall Street, and runs his Market Ticker blog) and Kashpureff tried to break these guys and establish alt roots in 97. Anyone remember that eDNS fiasco? It didn't last long, nobody followed their pied-piper song.

    These guys made a fortune, grabbing Net Solutions when it was obviously mismanaged, and used their background as junior grade Ross
  • Really, it's impossible to believe? Fed. Reserve is owned by a single family. ISBN system is owned by a single family. There are many "regulatory" institutions that are completely owned by a family or organization. Net Sol is just following suit.
  • by erlkonig (15872) on Thursday July 30, 2009 @03:44PM (#28887845) Homepage Journal

    I've been on the Internet a long time, so I remember sri-nic.arpa, nic.ddn.mil, rs.internic.net, and even downloading the Internet host address file, with about 8000+ IPs in it. The early organization was very clear about preserving the namespace of domain names for future generations, with base policies (I believe these are all correct, but it might just be 3 out of 4) of:

    * The domain name must relate to the purpose of your organization.

    * .net is reserved for network infrastructure, .org for only non-profits, .com for commercial (.mil and .edu are still fairly pristine), etc.

    * You must establish two nameservers, that must not be on the same subnet, and must already be providing DNS for the requested domain.

    * Each requester gets a single domain, the idea being that the requester's entire organization would then be fully served.

    Although they weren't really thinking about the upcoming explosion in web use, their thinking certainly allowed for an explosion in *sub* domain names. So instead of lots of ridiculous domains like www.iatemygrandmamovie.com, we might have later seen something like iatemygrandma.movie.com, with some group running a movie.com site, and an easy way to find a bunch of them, instead of the crapshoot we have now.

    So where did the corruption set in? Once the idea of charging for a domain name popped up, some bright boy got a gleam in his eye when a company - I think it might have been Proctor and Gamble - violated registration policy by requesting scores of domain names based on ailments (and possibly some body parts). There was a similar polydomain request by some other group around the same time. Both generated a flurry of controversy. And our illustrious registrar suddenly demonstrated its modern, capitalist colors, dumping the past, conservative policies and making its new mission one of simply selling off every possible domain name, in every possible TLD, as fast as possible.

    Effectively, they sold out on future generations' needs in an exercise of total, corrupt greed. The registrar flipped on every policy, encouraging multiple registration of domains, flagrantly pushing registration in every possible TLD, dropping the domain server requirement, dropping the relevancy concept, and now even pushing for more TLDs, in order to sell even more completely unnecessary extra domains.

    The idea of allowing some company to register thousands of obviously unrelated domains for cybersquatting would have been anathema in the pre-profit days, but Network Solutions just doesn't care. And that ridiculous article completely misses *all* of this.

Physician: One upon whom we set our hopes when ill and our dogs when well. -- Ambrose Bierce

Working...