decentralized .solid domains

[melvincarvalho]

Solid Name System

Many decentralized web advocates come to solid but raise concerns about the dependency on the DNS system.

I wonder if we could in parallel to the web design a system to use .solid domains. Similar systems are .onion and .bit

see more : https://en.wikipedia.org/wiki/Alternative_DNS_root

I've had informal conversations with IETF people and they seem to think this is technically feasible.

Open Questions

So this issue is a place holder to brain storm design out the possibility of .solid domains.

• How would they be looked up
• What would the URLs return
• How would you prevent people squatting lots of domains

It would also be good if we talk to someone at ICANN and ask them save this for us.

[melvincarvalho]

1. How would they be looked up?

Initial thoughts on how the routing could work.

Create a special nick solidns (solid naming service) that will manage routing.

Then in various pods you would have

/.well-known/solidns/example

This would map to the domain example.solid

This would return machine readable data (turtle) which would be equivalent to a DNS name server.

Via a bootstrap .solid supporting user agents would look up the .solid record using HTTP, and then route the request accordingly.

The governance of /.well-known/solidns would be a different question. We would have to create a technical set of norms managed by the community.

[melvincarvalho]

2. What would the URL return

There are two URLs the .solid URL (used for content) and the solidns url (used for lookup)

What does the .solid URL return?

Would return a standard web document

After the routing you will end on a solid pod that contains the content

What does the solidns URL return?

Well this would be RDF of course

A simple starting point would be to create a minimal subset of the DNS system (which can be modeled in RDF)

An ontology could be developed to capture the common terms

Perhaps the devil is in the detail in some cases and this will tie in to (1) also

This section is partially incomplete needs more work

[melvincarvalho]

3. How would you prevent people squatting lots of domains

This is perhaps as much a social problem as technical one. But solid is designed to be social.

The community would have to create a sensible set of rules that makes sense for the system and worked practically. A web of trust which is used in GPG may be leveraged to prevent one person registering too many domains.

There is also the concept of a strong set in the web of trust. We could perhaps have an sss (like the www on its side) to mean the Solid Strong Set, where members were part of the community and have agreed to a code of conduct.

The community would need to come up with sensible rules to get the system going. This would require reading some literature and brain storming. One possible way would be :

• Each user is allowed to claim one .solid domain
• In order to get a new domain they have to give up their old .solid domain

These are just rough ideas. Hopefully they can be fleshed out into a proposal and working system. Feedback welcome.

[megoth]

Reg point 3, do we have a way of ensuring a one-to-one relationship between user and person? If there is no certain way, couldn't a person create multiple users and register a domain for each?

If we have a way of ensuring one-to-one between a user and a person, how would transfer of ownership work if something would happen to the person that would make them unable to ever make use of the domain (e.g. death)?

Even if we have a system that "fixes" these two aspects, we still can't stop a group of people working as domain name trolls together, right?

I very much agree that this is a social problem as well as technical one, and sadly I don't have good alternatives on this =/ It is a difficult problem to find a good solution for. I'm thinking the goal is have good domain names easy to remember and that "properly aligns to the entity it represents" (air quotes because I cannot think of better phrasing right now)? The problem then becomes how to create a fair set of rules that ensures this =/

[kjetilk]

I think that having a .solid TLD could have value in itself, even if we do not make it an alternative DNS (I run all those on the DNS server in my house for the family, but I don't think I ever looked up such a domain).

One of my concerns is that we'd like people to have their own domains, but with the prices of some domain names having gone through the roof, it could be prohibitively expensive for many people around the world. We might therefore have the Web Foundation manage it with the intent of making it accessible for solid installs so that the cost wouldn't be a big problem.

In the long run, I think it would be interesting to base the whole DNS on a strong set consensus, I really like that idea, but I think that is pretty hard to rely on from early in the project.

[Daniel-Abrecht]

I don't think domain squatting or getting lots of domains has to be impossible or is even possible to prevent, just make it meaningless instead:

• A rate limit per IP, IP ranges, and a global one should be enough to prevent that the amount of domains to store becomes too excessive.
• A lot of people may want to use their name for their domain. There are a lot of people with the same name. Just add a base 36 number at the beginning for every domain, and there will be no one true john-doe.solid anymore, just a john-doe.5x3.solid, a john-doe.b2a.solid, etc. Just rate limit this as well.

I don't think any additional restrictions should be placed on these domain names.

If these domains are stored on all pods in a distributed way, there would be a need to keep them in sync. Could we use the paxos protocols, do they scale, are they secure enough? Just an idea.

[steven-tomlinson]

Off on a tangent here ….

In terms of preventing domain squatting, would it be possible to implement some kind of "Solid Client App Registry"?

It seems that a client app is going to require a domain. If there was a way to tie the Domain Registration to the Client App Registration as a 1:1 constraint that might solve the problem.

As for who or how the Client App Registry (app?) would be persisted, administered, and maintained, I don't know.

[tiagosomda]

As for who or how the Client App Registry (app?) would be persisted, administered, and maintained.

It could be saved on a blockchain.

[mikeadams1]

Melvincarvalho can go to godaddy.com and register any domain he wants like, dipstick.community and then create a page called oil.dipstick.community and then create a page called Mobile.dipstick.community and place links to those domains on each other. Then post a link on facebook to your oil.dipstick.community and google will crawl them. Domain squatting is just business, people use the web for fun, games, social, and business to name a few. I think melvincarvalho is seeking to disrupt others from making money and that I believe is not what solid is about. Solid is revolutionizing the way data is linked together, thats the point.

[mikeadams1]

I forgot to state that solid is not a domain, the domain is .community and .net

[Mitzi-Laszlo]

You can find more conversation on this subject here https://forum.solidproject.org/t/decentralised-solid-domains/408

[melvincarvalho]

hey @Mitzi-Laszlo we discussed this issue out of band, and you asked if you could start this topic on the solidproject forum (which Im not currently on) and I said sure that's fine, but to please leave this github issue open, as it intersects potentially with other initiatives.

I've even purchased a domain that points to the topic :

http://solidns.org

Possibly a misunderstanding, or there is a development I'm unaware of. In the mean time, I hope it's OK to reopen.

[Ornataweaver]

Why do you need a domain, when the data can have independent fingerprints?

[melvincarvalho]

Why do you need a domain, when the data can have independent fingerprints?

You dont need a domain. But having an HTTP URI allows you to use a wide range of tools to dereference the data. How will I get data from a fingerprint?

The other point is that if we work out a way to manage it, we can essentially offer everyone that wants one, a .solid domain for free.

[Ornataweaver]

How will I get data from a fingerprint?
With technologies such as 'dat://', 'ipfs', 'ZeroNet'.

https://alternativeto.net/software/dat/
https://alternativeto.net/software/ipfs/
https://alternativeto.net/software/zeronet/

[melvincarvalho]

@Ornataweaver got it. It's possible to have content addressable URIs, but this requires an infrastructure to dereference them. Both strategies can play well with each other, but tend to have different network effects around them.

• DNS is pay but has a mature and large network effect.

• dat / ipfs / zeronet (I dont know all of these) are long lived URIs but need an infrastructure to both dereference, and sometimes store data. Sometimes pay e.g. with ipfs pinning. Sometimes community managed. Tends to be a smaller but growing network effect, and requires some evangelism.

• .solid bootstraps DNS / Resource Oriented Computing. Could be cheap or free, for those for which that's a differentiator. Requires an infrastructure. No network effect yet, but we can bootstrap solid pods to create one. Requires evangelism.

All will play well together and give the end user more choice. Just different strategies with different trade offs. Hope that made a bit of sense!

[Ornataweaver]

@melvincarvalho Do you mean those networks need more content?