[Freedombox-discuss] distributed DNS
ian at churchkey.org
ian at churchkey.org
Tue Mar 15 15:04:05 UTC 2011
On 03/15/2011 09:45 AM, Bjarni Rúnar Einarsson wrote:
> Again, what problem are you trying to solve? I am going to assume you
> aren't being anti-business just for the sake of being anti-business. :-)
I've wondered about running our own dynamic DNS system for a while and I
think there are legitimate reasons we would want to do that beyond
general dislike of corporate provided infrastructure.
I tend to think we will have to make use of dynamic DNS for some
services, like social networking, since we need a way to bridge any
private addressing capabilities we have between boxes with people in the
wider world if we are going to successfully deal with existing network
effects. (More about that here:
http://churchkey.org/2010/03/17/dynamic-dns-facebook/)
Given that, I'll give two reasons we might want to run our own dynamic
DNS service(s).
Technical reason:
Existing dynamic dns systems don't use particularly secure mechanisms
for updating records. If we build both the client, the FreedomBox, and
the Synamic DNS service it communicates with, we can build in more
secure mechanisms for making sure that your DNs records aren't hijacked.
(See https://labs.riseup.net/code/issues/2284 for a list of various
proposed auth mechanisms and discussions)
While we might be able to have whatever mechanism we settle on
implemented by one of the existing community oriented providers, having
the secure mechanism be the only supported mechanism for updating
addresses would give the service some additional security.
Social/Legal reason:
Given that a core aim of this project is to decentralize infrastructure
and make personal information harder to access for third parties, where
we do end up making use of centralized infrastructure, we should make an
effort to ensure that we have a reason to trust the people running those
switches.
Personally, I want those people to be 1) people that I know or whose
position depends on being known by the community, 2) people that I trust
not to keep logs, and 3) people who have access to good lawyers so they
don't just roll over when governments start demanding information and so
they can make intelligent decisions about things like what jurisdiction
to operate out of and how best to guarantee autonomy through corporate
structure or community boards or what have you.
-Ian
More information about the Freedombox-discuss
mailing list