
Why Any Competing Whois Registry Model Is Doomed

CowboyRobot writes "In Paul Vixie's latest essay, he argues that the alternative to the Whois registry model is flawed and that we should be learning from the mistakes of the history of proposed alternatives to the DNS. 'Any proposal for a competing Whois registry model is as doomed by design and destiny as every alternative DNS system. Even if it succeeds at first, it would fail after copycatting occurred.'"
  • Unless it is a distributed DNS [torrentfreak.com] without some Gov/Icann/Corporate model.
    • There's certainly room in the Marketplace of Ideas for namespaces that work in ways other than hierarchies controlled by the Trademark Gods. Also, DNS is both a namespace and a delivery system for that namespace running on a distributed set of name servers - it's possible to run the delivery system of DNS in many different ways, and in fact we've seen a transition of most of the upper levels from conventionally-routed IP to anycast, and a wide range of different kinds of servers people use for their subdo

  • by Osgeld ( 1900440 )

    is there really that big of a concern or is this just some essay for the sake of saying something and getting yet another "who?" name in a story

    • Re: (Score:1, Informative)

      by Anonymous Coward

      This 'who' actually built some credibility... http://en.wikipedia.org/wiki/Paul_Vixie

    • Re:I dont follow (Score:5, Insightful)

      by eln ( 21727 ) on Thursday July 21, 2011 @10:36AM (#36835188)
      It's not that big of a concern, and that's the real reason any alternate DNS system is doomed to fail. Vixie's concerns with copycatting and whatnot may be justified, but the simple fact is the current system isn't painful enough for most people, even most network admins, to go to the trouble to switch to something different. Hell, IPv6 has been a standard for 15 years, and hardly anyone uses it. Sure, we'll all switch eventually when the pain of staying with IPv4 is greater than the pain of switching to IPv6. Similarly, if the pain of staying with the current whois system ever gets great enough to contemplate switching, people will do so. I don't see that happening in the foreseeable future, though.
      • Re:I dont follow (Score:4, Insightful)

        by bill_mcgonigle ( 4333 ) * on Thursday July 21, 2011 @11:56AM (#36835980) Homepage Journal

        Hell, IPv6 has been a standard for 15 years, and hardly anyone uses it.

        But we can't deploy standards, only implementations.

        Windows 7, OSX Lion, and Fedora 16 [fedoraproject.org] will all handle IPv6 properly. Previous versions all have certain problems that need workarounds, and it's probably not worthwhile for most users if there are corner cases to worry about. And if you're not on an expensive commercial Internet pipe, you can't even get IPv6, except in limited trial locations for the big ISPs.

        When Windows 7 is where Windows XP is now, people will move over. But, hey, we've reached a real milestone where now it's all possible, so, yay 2011.

  • Vixie is wrong. (Score:2, Insightful)

    by Anonymous Coward

    Paul and I have been disagreeing about this sort of thing for decades now.

    I cannot think of a single supporting example; success breeds copycats, in all times and all places.

    OK, Vix: incorporate copycatting into the technical and economic model, then, instead of insisting that the current model is the only possible one. Solve a problem instead of institutionalizing it!

    Think of where we'd be if we had insisted that DNS could never work, that we'd have to always use host tables, that the download capacity o

    • I didn't find the article convincing either. Many assertions, few pieces of evidence. May as well argue that assigning driver license numbers to people can't possibly work unless a single controlling assigner keeps order.

      Seems there's a lot of dogma in the thinking of how the Internet should be managed. For instance, we could make another Internet. Instantly double the number of IPv4 addresses, since every address could be used twice. We could find some bit somewhere that we can use to distinguish th

      • by Ksevio ( 865461 )

        why not just make a simple modification to IPv4?

        But there never could be a "simple" modification to IPv4. Any change in the address size would still require all routers and switches to be modified to accept it.

      • Seems there's a lot of dogma in the thinking of how the Internet should be managed. For instance, we could make another Internet. Instantly double the number of IPv4 addresses, since every address could be used twice. We could find some bit somewhere that we can use to distinguish them, allowing communication between the 2 Internets. Does such a proposition sound like heresy?

        It sounds a lot more like fantasy / magic than like heresy. As in "assign the same IP to two NICs and hope that the packets reach the

  • Namecoin (Score:4, Informative)

    by Anonymous Coward on Thursday July 21, 2011 @10:08AM (#36834952)

    A distributed domain name system exists. Right now. Today.

    http://en.wikipedia.org/wiki/Namecoin

  • by vivaoporto ( 1064484 ) on Thursday July 21, 2011 @10:15AM (#36835008)
    Here is the tl;dr version for the ones that won't read TFA:

    You can't have a distributed system that creates a unique and arbitrary resource without cooperation between the peers. Without communication among them there will be duplication. People that think it is possible are fools.
    • PGP seems to be able to create unique keys without cooperation between the peers.
      • No, PGP creates probabilistic unique keys. These are not the same thing as unique keys.

      • by Sloppy ( 14984 )

        PGP keys are ridiculously unlikely to collide.

        But if you're using PGP for Internet email, then you're also "cooperating" with other PGP users when you rely on DNS' central authority to establish the domain name part of your email address, to build your overall PGP identity. That's the "key" (in the database sense) to the "key" (in the crypto sense).

    • It's the Heisenberg Uncertainty Principle applied to domain name registration.

  • The argument misunderstands trust; that we can only trust a single system, and we must trust it completely.

    Let's assume for the purposes of argument, however, that an alternative Whois system is created and enough network operators trust it that this alternative system becomes operationally relevant and that a non-RIR resource transfer regime becomes practical. Does anybody really believe that there would be only one alternative Whois system—no copycatting? Or as in the case of alternative DNS described earlier, would not the number of potential alternative Whois systems be limited only by available capital?

    (emphasis added) Duplicate systems can contain differing information, and be trusted at different levels. People do this all the time. The author's unstated premise is that the goal is 'a definitive, trusted, answer' and not some variable level of trust (or confidence) in the answer. Think Encyclopedia Britannica; not Wikipedia.

    Inevitably, however, the same network would appear to be registered to different operators in different Whois systems since freedom from transfer limitations is the stated reason for the very existence of the alternative systems.

    Do we trust a top-down, hierarchical system controlled by a single entit

    • by Sloppy ( 14984 )

      The author's unstated premise is that the goal is 'a definitive, trusted, answer' and not some variable level of trust (or confidence) in the answer.

      Vixie didn't phrase it that way, but he didn't exactly gloss over it either. One of the things I like about the article is that he's quite explicit that he's working under the constraint that whois and DNS must be universal -- that a query must return the same result no matter where or who you are.

      Universal must always imply a single definitive answer, bas

  • Rather than just sitting back and watching as ICANN allows the demands of money to corrode an essential function of the network, DNS root operators can coordinate, using their leverage to effect change to ICANN and its governance.

    IP addresses of the root servers to bootstrap the entire system are configured in countless millions of DNS servers. What is ICANN going to do, send out a memo asking the entire network to please update their root list?

    There are solutions to ICANN which do not involve fragmenting the syste

  • If your "alternative whois" is DESIGNED to balkanize the Interwebs then it will be a success by definition.

    Totalitarian governments and companies or schools that want to make certain areas not only "off limits" but redirected to "their" version of the web site are no doubt doing this already.

    Adware-driven bogus-dns setups likely do this as well.

  • by Anonymous Coward

    Obligatory XKCD: http://xkcd.com/927/

  • I have long held that competing DNS root systems *can* work - and in fact have been working for long time.

    The issue is not whether there is one singular catholic DNS root, but rather the degree of consistency between competing roots.

    We all accept that internet users dislike surprise - they will not like any DNS root that gives surprising (or misleading or fraudulent) answers. That's why any DNS root that gives surprising DNS answers will quickly be shunned.

    What is intriguing about competing DNS roots is tha

  • by Cerlyn ( 202990 ) on Thursday July 21, 2011 @12:52PM (#36836556)

    I don't think many people are getting the point of this article, although I admit it is a bit confusing. While it is true that the article talks about alternative DNS systems and WHOIS, what Paul really seems concerned about is the part of the WHOIS system used to look up who is currently allowed to use a given IP address range, and is responsible for activity originating from it.

    The current authorities which run this part of the WHOIS system have rules and restrictions about how and why IP address blocks on the Internet can be assigned from one party to another. Among the things cited by the article which currently are not permitted are obtaining IP addresses for perceived future needs when you have not already exhausted what you have, or simply buying IP addresses for no use at all, speculating they can be sold for more money later.

    Some parties do not like these rules, and want to establish their own system for buying and selling IP addresses which is not subject to the rules currently in place. They could kind-of do this right now, but the transfer of ownership would not be recorded in the old system.

    This is potentially a bad thing, as suppose someone attacks you from IP address 1.2.3.4. And for some reason, reverse DNS on that IP address fails to work. If there is more than one system tracking ownership of who currently has the right to use this IP address, how do you find the right administrator to contact? And what if someone updated their contact information or the fact the IP block had been sold in one system, but forgot to do so in another?
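
The lookup problem described in the comment above, as an added example that is not part of the original post or of Vixie's essay: given Whois responses from two registries for the same address, pick the most specific covering record in each and report where they disagree on the holder or the abuse contact. The registry names and all records are constructed; RIPE-style `inetnum`, `org-name` and `abuse-mailbox` attributes are assumed.

```python
import ipaddress

# Constructed sample responses from two hypothetical registries (192.0.2.0/24 is a documentation range).
REGISTRY_A = """\
% constructed sample, registry-a
inetnum:        192.0.0.0 - 192.0.255.255
org-name:       Example Carrier
abuse-mailbox:  abuse@carrier.example

inetnum:        192.0.2.0 - 192.0.2.255
org-name:       Example Hosting Ltd
abuse-mailbox:  abuse@hosting.example
"""
REGISTRY_B = """\
% constructed sample, registry-b
inetnum:        192.0.2.0 - 192.0.2.255
org-name:       Example Broker Inc
abuse-mailbox:  noc@broker.example
"""

def parse_records(text):
    """Split a response into blank-line separated records of key -> value."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep and not line.startswith(("%", "#")):  # skip server comments
                rec.setdefault(key.strip().lower(), value.strip())
        if "inetnum" in rec:
            records.append(rec)
    return records

def most_specific(records, ip):
    """Return the record with the smallest inetnum range containing ip, or None."""
    addr, best, best_size = ipaddress.ip_address(ip), None, None
    for rec in records:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in rec["inetnum"].split("-"))
        size = int(hi) - int(lo)
        if lo <= addr <= hi and (best is None or size < best_size):
            best, best_size = rec, size
    return best

def compare(ip, sources, fields=("org-name", "abuse-mailbox")):
    """Return {field: {registry: value}} for fields the registries disagree on."""
    hits = {n: most_specific(parse_records(t), ip) or {} for n, t in sources.items()}
    per_field = {f: {n: rec.get(f) for n, rec in hits.items()} for f in fields}
    return {f: v for f, v in per_field.items() if len(set(v.values())) > 1}
```

A registry with no covering record shows up as `None` for that field, which is itself a disagreement worth investigating before contacting anyone.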

    • by wrmine ( 1123207 )

      This is potentially a bad thing, as suppose someone attacks you from IP address 1.2.3.4. And for some reason, reverse DNS on that IP address fails to work. If there is more than one system tracking ownership of who currently has the right to use this IP address, how do you find the right administrator to contact? And what if someone updated their contact information or the fact the IP block had been sold in one system, but forgot to do so in another?

      There is another layer that is not discussed in TFA that uses whois and routing announcements to help verify routing. Routing databases like RADB are required by most BGP transit providers and all peering exchanges will use something like peerdb.com to help track their members too. The transit providers like to know where to send the bill for the bandwidth used by an IP block and peering exchanges like to enforce their rules. IP blocks are assigned to people and companies that can change locations and provi

  • From such a well respected author, the suggestion that some competition should be classed as arrogance comes as a surprise to say the least. The world is no longer a Pangaea; it fragmented a long time ago. The one stop shop Pangaea has become a group of competing countries all with various agenda, all contactable using the same telephone numbers, but of course via different country codes. The DNS is following the same path. Competition is to be expected, yet the aim is not always to smash the opponent.
