New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

decentralized .solid domains #201

Open
melvincarvalho opened this Issue Oct 10, 2018 · 17 comments

Comments

Projects
None yet
10 participants
@melvincarvalho
Copy link
Contributor

melvincarvalho commented Oct 10, 2018

Solid Name System

Many decentralized web advocates come to solid but raise concerns about the dependency on the DNS system.

I wonder if we could in parallel to the web design a system to use .solid domains. Similar systems are .onion and .bit

see more : https://en.wikipedia.org/wiki/Alternative_DNS_root

I've had informal conversations with IETF people and they seem to think this is technically feasible.

Open Questions

So this issue is a place holder to brain storm design out the possibility of .solid domains.

  • How would they be looked up
  • What would the URLs return
  • How would you prevent people squatting lots of domains

It would also be good if we talk to someone at ICANN and ask them save this for us.

@melvincarvalho

This comment has been minimized.

Copy link
Contributor Author

melvincarvalho commented Oct 10, 2018

1. How would they be looked up?

Initial thoughts on how the routing could work.

Create a special nick solidns (solid naming service) that will manage routing.

Then in various pods you would have

/.well-known/solidns/example

This would map to the domain example.solid

This would return machine readable data (turtle) which would be equivalent to a DNS name server.

Via a bootstrap .solid supporting user agents would look up the .solid record using HTTP, and then route the request accordingly.

The governance of /.well-known/solidns would be a different question. We would have to create a technical set of norms managed by the community.

@melvincarvalho

This comment has been minimized.

Copy link
Contributor Author

melvincarvalho commented Oct 10, 2018

2. What would the URL return

There are two URLs the .solid URL (used for content) and the solidns url (used for lookup)

What does the .solid URL return?

Would return a standard web document

After the routing you will end on a solid pod that contains the content

What does the solidns URL return?

Well this would be RDF of course

A simple starting point would be to create a minimal subset of the DNS system (which can be modeled in RDF)

An ontology could be developed to capture the common terms

Perhaps the devil is in the detail in some cases and this will tie in to (1) also

This section is partially incomplete needs more work

@melvincarvalho

This comment has been minimized.

Copy link
Contributor Author

melvincarvalho commented Oct 10, 2018

3. How would you prevent people squatting lots of domains

This is perhaps as much a social problem as technical one. But solid is designed to be social.

The community would have to create a sensible set of rules that makes sense for the system and worked practically. A web of trust which is used in GPG may be leveraged to prevent one person registering too many domains.

There is also the concept of a strong set in the web of trust. We could perhaps have an sss (like the www on its side) to mean the Solid Strong Set, where members were part of the community and have agreed to a code of conduct.

The community would need to come up with sensible rules to get the system going. This would require reading some literature and brain storming. One possible way would be :

  • Each user is allowed to claim one .solid domain
  • In order to get a new domain they have to give up their old .solid domain

These are just rough ideas. Hopefully they can be fleshed out into a proposal and working system. Feedback welcome.

@megoth

This comment has been minimized.

Copy link

megoth commented Oct 10, 2018

Reg point 3, do we have a way of ensuring a one-to-one relationship between user and person? If there is no certain way, couldn't a person create multiple users and register a domain for each?

If we have a way of ensuring one-to-one between a user and a person, how would transfer of ownership work if something would happen to the person that would make them unable to ever make use of the domain (e.g. death)?

Even if we have a system that "fixes" these two aspects, we still can't stop a group of people working as domain name trolls together, right?

I very much agree that this is a social problem as well as technical one, and sadly I don't have good alternatives on this =/ It is a difficult problem to find a good solution for. I'm thinking the goal is have good domain names easy to remember and that "properly aligns to the entity it represents" (air quotes because I cannot think of better phrasing right now)? The problem then becomes how to create a fair set of rules that ensures this =/

@kjetilk

This comment has been minimized.

Copy link
Contributor

kjetilk commented Oct 10, 2018

I think that having a .solid TLD could have value in itself, even if we do not make it an alternative DNS (I run all those on the DNS server in my house for the family, but I don't think I ever looked up such a domain).

One of my concerns is that we'd like people to have their own domains, but with the prices of some domain names having gone through the roof, it could be prohibitively expensive for many people around the world. We might therefore have the Web Foundation manage it with the intent of making it accessible for solid installs so that the cost wouldn't be a big problem.

In the long run, I think it would be interesting to base the whole DNS on a strong set consensus, I really like that idea, but I think that is pretty hard to rely on from early in the project.

@Daniel-Abrecht

This comment has been minimized.

Copy link

Daniel-Abrecht commented Oct 11, 2018

I don't think domain squatting or getting lots of domains has to be impossible or is even possible to prevent, just make it meaningless instead:

  • A rate limit per IP, IP ranges, and a global one should be enough to prevent that the amount of domains to store becomes too excessive.
  • A lot of people may want to use their name for their domain. There are a lot of people with the same name. Just add a base 36 number at the beginning for every domain, and there will be no one true john-doe.solid anymore, just a john-doe.5x3.solid, a john-doe.b2a.solid, etc. Just rate limit this as well.

I don't think any additional restrictions should be placed on these domain names.

If these domains are stored on all pods in a distributed way, there would be a need to keep them in sync. Could we use the paxos protocols, do they scale, are they secure enough? Just an idea.

@steven-tomlinson

This comment has been minimized.

Copy link

steven-tomlinson commented Oct 24, 2018

Off on a tangent here ….

In terms of preventing domain squatting, would it be possible to implement some kind of "Solid Client App Registry"?

It seems that a client app is going to require a domain. If there was a way to tie the Domain Registration to the Client App Registration as a 1:1 constraint that might solve the problem.

As for who or how the Client App Registry (app?) would be persisted, administered, and maintained, I don't know.

@tiagosomda

This comment has been minimized.

Copy link

tiagosomda commented Oct 24, 2018

As for who or how the Client App Registry (app?) would be persisted, administered, and maintained.

It could be saved on a blockchain.

@mikeadams1

This comment has been minimized.

Copy link

mikeadams1 commented Nov 6, 2018

Melvincarvalho can go to godaddy.com and register any domain he wants like, dipstick.community and then create a page called oil.dipstick.community and then create a page called Mobile.dipstick.community and place links to those domains on each other. Then post a link on facebook to your oil.dipstick.community and google will crawl them. Domain squatting is just business, people use the web for fun, games, social, and business to name a few. I think melvincarvalho is seeking to disrupt others from making money and that I believe is not what solid is about. Solid is revolutionizing the way data is linked together, thats the point.

@mikeadams1

This comment has been minimized.

Copy link

mikeadams1 commented Nov 6, 2018

I forgot to state that solid is not a domain, the domain is .community and .net

@Mitzi-Laszlo

This comment has been minimized.

Copy link

Mitzi-Laszlo commented Nov 6, 2018

You can find more conversation on this subject here https://forum.solidproject.org/t/decentralised-solid-domains/408

@melvincarvalho

This comment has been minimized.

Copy link
Contributor Author

melvincarvalho commented Nov 13, 2018

hey @Mitzi-Laszlo we discussed this issue out of band, and you asked if you could start this topic on the solidproject forum (which Im not currently on) and I said sure that's fine, but to please leave this github issue open, as it intersects potentially with other initiatives.

I've even purchased a domain that points to the topic :

http://solidns.org

Possibly a misunderstanding, or there is a development I'm unaware of. In the mean time, I hope it's OK to reopen.

@Ornataweaver

This comment has been minimized.

Copy link

Ornataweaver commented Nov 15, 2018

Why do you need a domain, when the data can have independent fingerprints?

@melvincarvalho

This comment has been minimized.

Copy link
Contributor Author

melvincarvalho commented Dec 3, 2018

Why do you need a domain, when the data can have independent fingerprints?

You dont need a domain. But having an HTTP URI allows you to use a wide range of tools to dereference the data. How will I get data from a fingerprint?

The other point is that if we work out a way to manage it, we can essentially offer everyone that wants one, a .solid domain for free.

@Ornataweaver

This comment has been minimized.

Copy link

Ornataweaver commented Dec 4, 2018

How will I get data from a fingerprint?
With technologies such as 'dat://', 'ipfs', 'ZeroNet'.

https://alternativeto.net/software/dat/
https://alternativeto.net/software/ipfs/
https://alternativeto.net/software/zeronet/

@melvincarvalho

This comment has been minimized.

Copy link
Contributor Author

melvincarvalho commented Dec 4, 2018

@Ornataweaver got it. It's possible to have content addressable URIs, but this requires an infrastructure to dereference them. Both strategies can play well with each other, but tend to have different network effects around them.

  • DNS is pay but has a mature and large network effect.

  • dat / ipfs / zeronet (I dont know all of these) are long lived URIs but need an infrastructure to both dereference, and sometimes store data. Sometimes pay e.g. with ipfs pinning. Sometimes community managed. Tends to be a smaller but growing network effect, and requires some evangelism.

  • .solid bootstraps DNS / Resource Oriented Computing. Could be cheap or free, for those for which that's a differentiator. Requires an infrastructure. No network effect yet, but we can bootstrap solid pods to create one. Requires evangelism.

All will play well together and give the end user more choice. Just different strategies with different trade offs. Hope that made a bit of sense!

@Ornataweaver

This comment has been minimized.

Copy link

Ornataweaver commented Dec 4, 2018

@melvincarvalho Do you mean those networks need more content?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment