[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Freedombox-discuss] distributed DNS

On 3/15/2011 9:37 AM, bertagaz at ptitcanardnoir.org wrote:
>> Dynamic DNS providers have very little chance to spy on you, and (assuming
>> you use your own domain name) if they don't play nice, you just switch to a
>> different one.  Why do they need to be replaced?  There are quite a few
>> options out there, including some very community-minded ones like
>> www.afraid.org.
> Dynamic DNS providers have a hudge chance to spy what IPs your domain had
> since you registered.
Um.... just run host on a domain from cron and save to a file. It's 
information necessary to the operation of an IP network. It's not spying.

>   And to me (an I don't think I'm the only one) that
> is an important problem. What are the logging practice of the
> community-driven one you talk about? Do they have privacy/anonymity in
> mind?

Anyone can log this information. You can't keep it from being logged.

> If one of the freedombox project goal is to "take back users data where they
> belong", why not this (important) one?

Oh we should definitely all run our own DNS. I know I do (via PowerDNS). 
I'm a huge proponent of data ownership (see my wiki page at 
http://wiki.knownelement.com/index.php/Data_Ownership ) and have been 
pushing it very hard over the past 18 months or so. DNS was actually the 
last thing I switched over.

I'm far more interested in setting up a decentralized registrar as 
that's where it really matters. Even if you run your own 
DNS/mail/www/telephony/kerberos etc you can still get booted if your 
registrar decides to revoke your domain.

> But I don't see a problem to offer both solutions, and let users choose.
> Do you?

No I don't.

>> Well, pay the bill for a DNS domain at least, not that expensive though.
>>> Some are already rented by people around here.
>>> Bandwidth shouldn't be a problem if the system is decentralized. I guess
>>> the best would be for such a system to be able to support multiple domain
>>> name, so that if some fb user wants to own and use one, he/she could
>>> manage it.
>> What do you mean by decentralized?  I hope you don't intend to replace the
>> small number of commercial entities who can currently
>> coopt/corrupt/manipulate my DNS records with a much larger number of
>> decentralized, anonymous volunteers who can all do the same thing! :-)
> Decentralized is probably a confusing term, I was meaning a system where
> users control their dns registration themselves, without any central
> authority.

DNS registration? You mean zone files? Or you mean the registrar? 
Because the former is super simple today, the latter will require some 
serious work (politically/marketing wise not technically).

> But all this is just a problem I'm thinking about and that would need a
> lot of design to be really consistent.

You are absolutely correct. It's worth starting and continuing a 
discussion about. I'm glad this thread is here. It's perhaps the best 
thing that can come out of the freedom box project. Let's face it, this 
project is about integration of existing pieces (as covered on the wiki) 
, and production of a hardware/software appliance and a debian meta 
package as an end product. Exact features of said end product are up for 
some debate but I think that's only a few months of work.  Evolution 
towards an expected end goal as opposed to revolution (well for those of 
us that have been pushing data ownership that is).

Now a revolution would be the production of a many million freedombox 
powered, parallel large scale network that supports a decentralized 
registrar/telephony system. We have the technology to make this happen.

This is what I'm working towards. It's why I'm involved with the village 
telco and serval project, and why I'm following the freedombox project 
very closely. I plan to contribute my technical expertise to the project 
once things have settled down a bit architecture wise. So far I'm 
pleased with the way things are going and the contributions of everyone 

Reply to: