[Freedombox-discuss] distributed DNS
On 3/15/2011 9:37 AM, bertagaz at ptitcanardnoir.org wrote:
>> Dynamic DNS providers have very little chance to spy on you, and (assuming
>> you use your own domain name) if they don't play nice, you just switch to a
>> different one. Why do they need to be replaced? There are quite a few
>> options out there, including some very community-minded ones like
> Dynamic DNS providers have a hudge chance to spy what IPs your domain had
> since you registered.
Um.... just run host on a domain from cron and save to a file. It's
information necessary to the operation of an IP network. It's not spying.
> And to me (an I don't think I'm the only one) that
> is an important problem. What are the logging practice of the
> community-driven one you talk about? Do they have privacy/anonymity in
Anyone can log this information. You can't keep it from being logged.
> If one of the freedombox project goal is to "take back users data where they
> belong", why not this (important) one?
Oh we should definitely all run our own DNS. I know I do (via PowerDNS).
I'm a huge proponent of data ownership (see my wiki page at
http://wiki.knownelement.com/index.php/Data_Ownership ) and have been
pushing it very hard over the past 18 months or so. DNS was actually the
last thing I switched over.
I'm far more interested in setting up a decentralized registrar as
that's where it really matters. Even if you run your own
DNS/mail/www/telephony/kerberos etc you can still get booted if your
registrar decides to revoke your domain.
> But I don't see a problem to offer both solutions, and let users choose.
> Do you?
No I don't.
>> Well, pay the bill for a DNS domain at least, not that expensive though.
>>> Some are already rented by people around here.
>>> Bandwidth shouldn't be a problem if the system is decentralized. I guess
>>> the best would be for such a system to be able to support multiple domain
>>> name, so that if some fb user wants to own and use one, he/she could
>>> manage it.
>> What do you mean by decentralized? I hope you don't intend to replace the
>> small number of commercial entities who can currently
>> coopt/corrupt/manipulate my DNS records with a much larger number of
>> decentralized, anonymous volunteers who can all do the same thing! :-)
> Decentralized is probably a confusing term, I was meaning a system where
> users control their dns registration themselves, without any central
DNS registration? You mean zone files? Or you mean the registrar?
Because the former is super simple today, the latter will require some
serious work (politically/marketing wise not technically).
> But all this is just a problem I'm thinking about and that would need a
> lot of design to be really consistent.
You are absolutely correct. It's worth starting and continuing a
discussion about. I'm glad this thread is here. It's perhaps the best
thing that can come out of the freedom box project. Let's face it, this
project is about integration of existing pieces (as covered on the wiki)
, and production of a hardware/software appliance and a debian meta
package as an end product. Exact features of said end product are up for
some debate but I think that's only a few months of work. Evolution
towards an expected end goal as opposed to revolution (well for those of
us that have been pushing data ownership that is).
Now a revolution would be the production of a many million freedombox
powered, parallel large scale network that supports a decentralized
registrar/telephony system. We have the technology to make this happen.
This is what I'm working towards. It's why I'm involved with the village
telco and serval project, and why I'm following the freedombox project
very closely. I plan to contribute my technical expertise to the project
once things have settled down a bit architecture wise. So far I'm
pleased with the way things are going and the contributions of everyone