Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
decentralized .solid domains #201
Solid Name System
Many decentralized web advocates come to solid but raise concerns about the dependency on the DNS system.
I've had informal conversations with IETF people and they seem to think this is technically feasible.
So this issue is a place holder to brain storm design out the possibility of .solid domains.
It would also be good if we talk to someone at ICANN and ask them save this for us.
1. How would they be looked up?
Initial thoughts on how the routing could work.
Create a special nick solidns (solid naming service) that will manage routing.
Then in various pods you would have
This would map to the domain
This would return machine readable data (turtle) which would be equivalent to a DNS name server.
Via a bootstrap .solid supporting user agents would look up the .solid record using HTTP, and then route the request accordingly.
The governance of /.well-known/solidns would be a different question. We would have to create a technical set of norms managed by the community.
2. What would the URL return
There are two URLs the .solid URL (used for content) and the solidns url (used for lookup)
What does the .solid URL return?
Would return a standard web document
After the routing you will end on a solid pod that contains the content
What does the solidns URL return?
Well this would be RDF of course
A simple starting point would be to create a minimal subset of the DNS system (which can be modeled in RDF)
An ontology could be developed to capture the common terms
Perhaps the devil is in the detail in some cases and this will tie in to (1) also
This section is partially incomplete needs more work
3. How would you prevent people squatting lots of domains
This is perhaps as much a social problem as technical one. But solid is designed to be social.
The community would have to create a sensible set of rules that makes sense for the system and worked practically. A web of trust which is used in GPG may be leveraged to prevent one person registering too many domains.
There is also the concept of a strong set in the web of trust. We could perhaps have an sss (like the www on its side) to mean the Solid Strong Set, where members were part of the community and have agreed to a code of conduct.
The community would need to come up with sensible rules to get the system going. This would require reading some literature and brain storming. One possible way would be :
These are just rough ideas. Hopefully they can be fleshed out into a proposal and working system. Feedback welcome.
Reg point 3, do we have a way of ensuring a one-to-one relationship between user and person? If there is no certain way, couldn't a person create multiple users and register a domain for each?
If we have a way of ensuring one-to-one between a user and a person, how would transfer of ownership work if something would happen to the person that would make them unable to ever make use of the domain (e.g. death)?
Even if we have a system that "fixes" these two aspects, we still can't stop a group of people working as domain name trolls together, right?
I very much agree that this is a social problem as well as technical one, and sadly I don't have good alternatives on this =/ It is a difficult problem to find a good solution for. I'm thinking the goal is have good domain names easy to remember and that "properly aligns to the entity it represents" (air quotes because I cannot think of better phrasing right now)? The problem then becomes how to create a fair set of rules that ensures this =/
I think that having a
One of my concerns is that we'd like people to have their own domains, but with the prices of some domain names having gone through the roof, it could be prohibitively expensive for many people around the world. We might therefore have the Web Foundation manage it with the intent of making it accessible for solid installs so that the cost wouldn't be a big problem.
In the long run, I think it would be interesting to base the whole DNS on a strong set consensus, I really like that idea, but I think that is pretty hard to rely on from early in the project.
I don't think domain squatting or getting lots of domains has to be impossible or is even possible to prevent, just make it meaningless instead:
I don't think any additional restrictions should be placed on these domain names.
If these domains are stored on all pods in a distributed way, there would be a need to keep them in sync. Could we use the paxos protocols, do they scale, are they secure enough? Just an idea.
referenced this issue
Oct 22, 2018
Off on a tangent here ….
In terms of preventing domain squatting, would it be possible to implement some kind of "Solid Client App Registry"?
It seems that a client app is going to require a domain. If there was a way to tie the Domain Registration to the Client App Registration as a 1:1 constraint that might solve the problem.
As for who or how the Client App Registry (app?) would be persisted, administered, and maintained, I don't know.
Melvincarvalho can go to godaddy.com and register any domain he wants like, dipstick.community and then create a page called oil.dipstick.community and then create a page called Mobile.dipstick.community and place links to those domains on each other. Then post a link on facebook to your oil.dipstick.community and google will crawl them. Domain squatting is just business, people use the web for fun, games, social, and business to name a few. I think melvincarvalho is seeking to disrupt others from making money and that I believe is not what solid is about. Solid is revolutionizing the way data is linked together, thats the point.
You can find more conversation on this subject here https://forum.solidproject.org/t/decentralised-solid-domains/408
hey @Mitzi-Laszlo we discussed this issue out of band, and you asked if you could start this topic on the solidproject forum (which Im not currently on) and I said sure that's fine, but to please leave this github issue open, as it intersects potentially with other initiatives.
I've even purchased a domain that points to the topic :
Possibly a misunderstanding, or there is a development I'm unaware of. In the mean time, I hope it's OK to reopen.
You dont need a domain. But having an HTTP URI allows you to use a wide range of tools to dereference the data. How will I get data from a fingerprint?
The other point is that if we work out a way to manage it, we can essentially offer everyone that wants one, a .solid domain for free.
@Ornataweaver got it. It's possible to have content addressable URIs, but this requires an infrastructure to dereference them. Both strategies can play well with each other, but tend to have different network effects around them.
All will play well together and give the end user more choice. Just different strategies with different trade offs. Hope that made a bit of sense!