Namecoin is a cryptocurrency, just like Bitcoin, and uses the same de-centralized technology. The most visible difference is that it allows registration and provisioning of domain names using the namecoin currency. These domain names are not subject to censorship by governments, theft by criminals, or seizures at the behest of large corporations.
The domain name system (DNS) is one of the core services of the Internet, allowing memorable names to be used to reference various resources. It’s often referred to as the Internet’s phone book, because DNS is how your computer finds IP addresses when you provide domain names. For example, DNS enables us to send email to a recipient like “[email protected]”, or visit a website by using an easy moniker like “http://coinjoint.info”.
The domain name system has worked reliably for many years, due largely to its distributed nature and sensible oversight. But it has serious technical problems, and increasingly apparent issues around governance. DNS has been showing it’s age lately, but it has never yet completely broken down, so there is no sense of urgency about replacing it among the general population of Internet users. ICANN and various Internet security organizations, however, are intensely interested in exploring new ways to address these concerns.
Introducing a De-centralized System for Domain Names
Namecoin was the original clone of the Bitcoin codebase. DNS was, and still is seen as one of the best use cases for crypto-currencies. That is due to the underlying “blockchain” technology, which acts as a distributed data store that is not under any central control. This technology has an important characteristic which makes it a terrific way to handle domain name registrations, namely that the domain information is agreed upon by every node on the network, yet controlled by none.
The essential benefit from using a blockchain to implement DNS is the fact that changing data is essentially impossible. When someone asserts their ownership of a domain name in this system, a record is created that is basically immutable. Traditional databases, for example, are running on specific servers and can be attacked and have data changed, deleted, or added. Using Namecoin, all details are agreed upon by the entire network.
Namecoin has tokens, as do all crypto-currencies, but the coins’ store of value are not the primary feature. They are required in order to reserve and update the domain name records in this system. And they are used to provide incentive for the miners to record transactions and secure the network. Thus they have intrinsic value.
What’s wrong with the current system?
The US Department of Defense established and controlled the Internet until the early 1990s at which time oversight responsibility was handed over to the US Department of Commerce. Since then ICANN, a US not-for-profit corporation, has provided stable and reliable governance of the domain name system. Yet they fall short in many key areas, and there is increasing desire throughout much of the world in having control wrested away from the United States.
ICANN has processes in place which include many stakeholders, and there are plenty who believe that national governments and intellectual property holders exert far too much influence on the process. One main reason that an alternate model of Internet governance has not become a more popular rallying cry is that other national governments look even less capable of benevolent oversight. China and Russia in particular have been very vocal critics of US policy regarding the Internet, but who among us believes the situation would improve with more control ceded to these repressive governments?
ICANN controls the allocation and operation of the domain name system. They let contracts with registry operators to run the Top Level Domains (TLDs) as well as making and enforcing the rules by which registrars must operate. They also decide how and when new TLDs will be introduced.
Many technical shortcomings in the domain name system are related to its centralized nature. Root nameservers, for example, are at the top of the DNS hierarchy, and provide a convenient attack vector to those who might want to take down much of the functioning of the Internet.
Another key area of concern is the use of signed server certificates to establish trust on the Internet. Certificate authorities issue assurances that the entity on the other end of your interaction is really who they claim to be. Unfortunately this system is highly centralized as well, and has proven to be neither reliable or trustworthy.
Notice a pattern here? Centralization of authority, in both technical systems and human organizations has inherent problems. Whenever power is concentrated among a few people, they are susceptible to corruption and coercion. Namecoin provides elegant new solutions to these problems, with a domain name system for the future.
.BIT is Quite a Bit Better Type of TLD
Namecoin comes with a predefined namespace for the .BIT Top Level Domain. People can reserve a domain name like coinjoint.bit and can update it with information whenever they need to. Typically the type of data in the update operation is related to how the domain name can be resolved, similar to how traditional DNS zonefiles work. A registrant can provide an IP address, or nameservers, or complete contact info if they choose.
None of this is required information, and simply providing an IP address is common. This is sufficient to let resolvers direct traffic to the relevant webserver, but does not explicitly reveal the identity of the registrant. The choice of how much information is associated with a domain name is completely at the discretion of the registrant. Contrast this with our current system, where ICANN regulations require registrants to provide and maintain accurate contact information.
This registration data can only be updated by the personal holding the private key associated with the public address used in the domain reservation process. The holder of this private key is the de facto registrant who controls the domain name, if indeed a domain name was reserved in the transaction. More on that later.
In the same way that Bitcoin allows people to “be their own banks” Namecoin allows people to exercise much more control over their domain names than the legacy system. Since the information lives on a blockchain, this system does not provide a way for any authority to seize a domain name, or for a criminal to steal it. This is a fundamental difference, and provides utility in a way that our current DNS cannot.
Be sure to look for our next installment to learn more about Namecoin. We will discuss in detail the process for registering, updating and managing domain names. Namecoin’s potential to address issues around server certificates and public key management deserve a closer look as well. And Namecoin’s built-in identity management capability cannot be ignored. Find out more about recent applications built on the Namecoin blockchain, and other ideas about using this system for various purposes. Stay tuned, we’ve got a lot more to cover!
Tip the author: