modesittb on Nostr: In terms of privacy, I agree, it doesn’t make sense for it to be on the list. But ...
In terms of privacy, I agree, it doesn’t make sense for it to be on the list. But DNS is very centralized, with one entity (ICANN) overseeing the entire root. There’s no way to truly own a name on the internet, you can only rent it. I used to be entirely against the current system, but now I see some scenarios where a centralized DNS makes sense, like in name collisions, squatting, faking identity, etc. Don’t get me wrong, I’d love a decentralized alternative to DNS (for example Handshake), but it would be wrong to ignore the shortcomings of decentralized DNS. And DNS and web security are very closely tied, with CAs only granting certs to ICANN domains (or ip addresses but that defeats the convenience of DNS), which means your devices have no way to “trust” a service without an ICANN domain. DANE + DNSSEC could fix this, but no browsers support it.
Published at
2024-01-01 08:50:51Event JSON
{
"id": "f4f4f95f0c680dd3636191a63476b07940d9f1076c3d1ca2108af8717b62603a",
"pubkey": "e67f621e7da4a7337f34c4d298e8f9e45eafc2a2170567c58760860a4e6f8c80",
"created_at": 1704099051,
"kind": 1,
"tags": [
[
"e",
"00000171ce9818d9fb37390330ad8eff75f70374089188304025a6d19944ad3e"
],
[
"e",
"fce168a33ec24b75bc1b050f8dee90049ed7d4cb892686539ff54492fb22a6be"
],
[
"p",
"ac3f6afe17593f61810513dac9a1e544e87b9ce91b27d37b88ec58fbaa9014aa"
],
[
"p",
"d30ea98ea65e953f91ab93f6b30ea51eb33c506f87d49f600a139aef00aa9511"
]
],
"content": "In terms of privacy, I agree, it doesn’t make sense for it to be on the list. But DNS is very centralized, with one entity (ICANN) overseeing the entire root. There’s no way to truly own a name on the internet, you can only rent it. I used to be entirely against the current system, but now I see some scenarios where a centralized DNS makes sense, like in name collisions, squatting, faking identity, etc. Don’t get me wrong, I’d love a decentralized alternative to DNS (for example Handshake), but it would be wrong to ignore the shortcomings of decentralized DNS. And DNS and web security are very closely tied, with CAs only granting certs to ICANN domains (or ip addresses but that defeats the convenience of DNS), which means your devices have no way to “trust” a service without an ICANN domain. DANE + DNSSEC could fix this, but no browsers support it.",
"sig": "2822c74505195f0c81c9feaabd4e2829bc9f3186a1a6ce2ddc408f6ed8155653c62c56a54addb8f369fecd520dfe32596c4953bed7e604075999fc8754b5992b"
}