>This might be an unpopular opinion, but I think that decentralized DNS, and decentralized naming in general, is one of the few use cases that can be neatly solved by a blockchain, but is extremely hard to solve any other way.
It's an unpopular opinion because it doesn't hold up to scrutiny. Here, let's go through it piece by piece:
>A major problem when designing a decentralized naming system, or any naming system at all really, is preventing malicious users from grabbing all the cool names for themselves.
This has nothing to do with malicious users. Any system that allows users to exclusively claim names permanently (or semi-permanently) will have this problem. Even if you invented a way to define and eject all malicious users out of DNS, domain names like facebook.com and youtube.com would still be highly contended and expensive, because of the inherent demand of those names in the current market.
>The only way to do this is to make acquiring domains costly
No, that wouldn't exclude malicious customers, it would only exclude customers who don't have a lot of money. You'd just select for the customers who are both malicious and wealthy.
>and blockchains are a perfect way to enforce that in a decentralized manner.
In practice, blockchains aren't decentralized at all. This much was obvious to anyone involved, since the first bitcoin mining pool formed in 2010. By making the system costly to join, you're only accelerating the process of centralization.
>Other problems include accurately tracking domain ownership and letting the owners transfer domains to others, which cryptocurrencies have solved long ago.
Cryptocurrencies didn't solve this and never will. A blockchain isn't legally binding, so tracking ownership just can't be done there. At best, you can have something that's an approximation of ownership, but still requires a trusted authority (i.e. an oracle) to make the final say on what the ownership actually is.
>As an added benefit, because all domains in such a system are owned by a public key, we suddenly no longer need a root of trust for TLS, instead, we accept any TLS certificate signed by that public key.
This is just shifting the problem. Now instead of worrying about trusting the root, you have to worry about trusting every single key out there, and make an individual decision for each of them.
> No, that wouldn't exclude malicious customers, it would only exclude customers who don't have a lot of money. You'd just select for the customers who are both malicious and wealthy.
If domains cost $0, claiming all potentially useful names for yourself costs x*0=$0. Someone will inevitably do that, making them the exclusive owner of almost all domains you could ever want to buy. As a consequence, 99% of potential future domains would be owned by malicious actors, who could charge astronomical prices for them. In other words, if you make domains free, somebody will snatch them all up and sell them for a lot of money.
If you need to make a payment to get or renew a domain, such an attack becomes far more costly. Getting the first 100 English words is probably worth it, getting a combination of all possible names and surnames probably isn't, unlike in the free version. That way, you can still find interesting domains that you actually need for low dollar amounts.
> In practice, blockchains aren't decentralized at all. This much was obvious to anyone involved, since the first bitcoin mining pool formed in 2010. By making the system costly to join, you're only accelerating the process of centralization.
Even if you can make a 51% attack, the security of the system isn't compromised. Sure, you can prevent domain registrations, transfers and updates for a while, maybe even reverse transactions done in the last few blocks, but you still can't take over anybody's domain without having their private key.
> Cryptocurrencies didn't solve this and never will. A blockchain isn't legally binding, so tracking ownership just can't be done there. At best, you can have something that's an approximation of ownership, but still requires a trusted authority (i.e. an oracle) to make the final say on what the ownership actually is.
You don't care about ownership in the legal sense, all you care about is that if Mark Zuckerberg owns the private key for Facebook.com today, nobody can do anything to Facebook.com tomorrow without his consent.
> This is just shifting the problem. Now instead of worrying about trusting the root, you have to worry about trusting every single key out there, and make an individual decision for each of them.
All TLS really guarantees is that the server you're contacting is trusted by the owner of the domain you typed in. In the current system, you need a root of trust to accomplish that, blockchains give you that property for free.
It's an unpopular opinion because it doesn't hold up to scrutiny. Here, let's go through it piece by piece:
>A major problem when designing a decentralized naming system, or any naming system at all really, is preventing malicious users from grabbing all the cool names for themselves.
This has nothing to do with malicious users. Any system that allows users to exclusively claim names permanently (or semi-permanently) will have this problem. Even if you invented a way to define and eject all malicious users out of DNS, domain names like facebook.com and youtube.com would still be highly contended and expensive, because of the inherent demand of those names in the current market.
>The only way to do this is to make acquiring domains costly
No, that wouldn't exclude malicious customers, it would only exclude customers who don't have a lot of money. You'd just select for the customers who are both malicious and wealthy.
>and blockchains are a perfect way to enforce that in a decentralized manner.
In practice, blockchains aren't decentralized at all. This much was obvious to anyone involved, since the first bitcoin mining pool formed in 2010. By making the system costly to join, you're only accelerating the process of centralization.
>Other problems include accurately tracking domain ownership and letting the owners transfer domains to others, which cryptocurrencies have solved long ago.
Cryptocurrencies didn't solve this and never will. A blockchain isn't legally binding, so tracking ownership just can't be done there. At best, you can have something that's an approximation of ownership, but still requires a trusted authority (i.e. an oracle) to make the final say on what the ownership actually is.
>As an added benefit, because all domains in such a system are owned by a public key, we suddenly no longer need a root of trust for TLS, instead, we accept any TLS certificate signed by that public key.
This is just shifting the problem. Now instead of worrying about trusting the root, you have to worry about trusting every single key out there, and make an individual decision for each of them.