That's the reason why I think that in an ideal setup there would be multiple independent domains each mapping to multiple independent name servers. If one domain fails there are still other domains available. If one name server fails clients will just query one of the available servers.khal wrote:Or your domain name could be seized, and a lot of ns servers would be useless...gst wrote:I'm currently also looking for others to provide nameservers for the "bitname.org" domain. My goal is to have different nameservers operated by different individuals. If one of the nameservers needs to filter a particular result (due to local laws), it would then return "servfail" to the client, to allow the client to query another server instead.
As long as the court does not specify how to filter the subdomain this isn't a problem. Just return a SERVFAIL on the name servers that need to censor the domain, as this should allow clients to query another server (that does not need to censor requests).khal wrote:Or a court could ask you to filter a subdomain on all ns servers, because you are the owner of the domain name...
I think it shouldn't be too hard to use some Apache rewrite rules (or something like this) that essentially allow for wildcard hostnames. So instead of matching "dot-bit.bitname.org" you would match something like "dot-bit.*.*" instead.khal wrote:To avoid that, we must have "resolvers" on different TLDs, but that mean people will need to add each resolver hostnames to their apache conf... (opennic.dot-bit.org, opennic.other-resolver.net, ...). No really simple...
A simplier solution would be to create full proxies (no configuration needed for domain owners).
An (optional) NamecoinUs-style proxy is a nice idea (as long as it is optional). Automatically enabling a proxy for each name (directly under bitname.org) would imply that other protocols not supported by the proxy will fail.