Resource record realtime update via distributed hashtable

renne
Posts: 80
Joined: Fri May 30, 2014 7:09 pm
os: linux

Post by renne »

Hi,

the minimum update frequency of a blockchain is about 10 minutes and the costs of an update are too expensive for high-frequency updates like DynDNS or handover from one cell tower to another while moving. Additionally the size of all records is limited to 1023 bytes.

The solution is to couple the blockchain with a distributed hashtable. The resource records are signed via DNSSEC and exchanged via the DHT. The blockchain only assigns the DNSSEC zone-signing-key to the name/domain. That way the blockchain only has to be updated on registration, renewal, deletion or transfer. If a resolver wants to resolve a record it queries the DHT for the record, validates the record with its DNSSEC key-signing-key and validates the DNSSEC key-signing-key with the DNSSEC zone-signing-key stored in the blockchain.

As a proof-of-concept I suggest extending Dnsmasq (which is widely spread and capable of validating DNSSEC) with a Kademlia DHT to exchange DNSSEC-signed resource records between Dnsmasq instances and using the blockchain (e.g. via libcoin) to provide the DNSSEC zone-signing-keys. That way any router with Dnsmasq (e.g. OpenWRT routers) would become a resolver for dot.bit domains with real-time resolving capability.

What do you think?

Renne
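
The resolver-side check described in the post above, as an added Go example that is not part of the original post and not Dnsmasq or Namecoin code: an answer from an untrusted DHT node is accepted only if its record key is signed by the key the blockchain assigns to the name and the record is signed by that record key. Assumptions: plain Ed25519 signatures over a made-up record format stand in for real DNSSEC DNSKEY/RRSIG records, the blockchain is modelled as a name-to-key map, and the signed expiry field (rejecting replayed stale answers) is an addition; all type and function names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// SignedRecord is what an untrusted DHT node returns for a name (hypothetical format).
type SignedRecord struct {
	Name, Data        string
	Expires           uint64            // Unix time, covered by RecordSig
	RecordKey         ed25519.PublicKey // key that signed the record
	RecordSig, KeySig []byte            // record signature; anchor key's signature over RecordKey
}

// payload is the byte string RecordSig covers; the NUL keeps name and data apart.
func payload(name, data string, exp uint64) []byte {
	return append(binary.BigEndian.AppendUint64(nil, exp), (name + "\x00" + data)...)
}

// Publish is the owner's side: the anchor key endorses the record key, which signs the record.
func Publish(anchor, rk ed25519.PrivateKey, name, data string, exp uint64) SignedRecord {
	pub := rk.Public().(ed25519.PublicKey)
	return SignedRecord{name, data, exp, pub, ed25519.Sign(rk, payload(name, data, exp)), ed25519.Sign(anchor, pub)}
}

// Resolve validates a DHT answer against the key the blockchain assigns to the name.
func Resolve(chain map[string]ed25519.PublicKey, rec SignedRecord, now uint64) (string, error) {
	anchor, ok := chain[rec.Name]
	switch { // cases run top to bottom, so no signature is checked for an unregistered name
	case !ok:
		return "", errors.New("name not registered in blockchain")
	case len(rec.RecordKey) != ed25519.PublicKeySize || !ed25519.Verify(anchor, rec.RecordKey, rec.KeySig):
		return "", errors.New("record key not signed by chain-anchored key")
	case !ed25519.Verify(rec.RecordKey, payload(rec.Name, rec.Data, rec.Expires), rec.RecordSig):
		return "", errors.New("bad record signature")
	case now >= rec.Expires:
		return "", errors.New("record expired (possible replay of stale data)")
	}
	return rec.Data, nil
}

func main() { // constructed sample: keys, name and address are made up
	pub, priv, _ := ed25519.GenerateKey(nil)
	_, recPriv, _ := ed25519.GenerateKey(nil)
	rec := Publish(priv, recPriv, "example.bit", "A 192.0.2.10", 2000)
	fmt.Println(Resolve(map[string]ed25519.PublicKey{"example.bit": pub}, rec, 1000))
}
```

Only the map lookup touches blockchain data, so address changes need a new `Publish` call and a DHT put, not a chain update.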

indolering
Posts: 801
Joined: Sun Aug 18, 2013 8:26 pm
os: mac

Re: Resource record realtime update via distributed hashtabl

Post by indolering »

Nameservers already allow for this functionality, but I think a P2P nameserver will be a necessity in the future.

However, designing a low-latency distributed database that is resistant to attack and anonymous is difficult and has very different requirements than the DHTs used by file sharing programs.

For example, some websites could afford to add in a dedicated Nameserver to the mix, so would the network direct clients there first? If that nameserver became inoperative, how would the network recover, would it continue to serve caches of the information?

If you are interested in such research, I for one would personally be ecstatic if you decided to take it on. I've been passively monitoring new distributed networks for one that might be suitable, but none have surfaced.
DNS is much more than a key->value datastore.
