by angrydev 3569 days ago
Can anyone elaborate on what he means when he says that Verisign can 'go down' and take down most of the internet with it? How would a registrar going down affect anything to do with actual hosts?
2 comments

If Verisign is running the nameservers for .com and .net, it will cause DNS problems across the board. We'd have to rely on DNS caches until new .net and .com nameservers come up. This would impact not only new domain registrations, but DR grade migrations, and DNSSEC.

If coordinated with an attack against the root nameservers so we couldn't change the .com and .net nameservers, DNS would become a real disaster. If combined with some BGP trickery, you could even see domain names being poisoned.

We should be able to work around the damage eventually; but so much of the internet relies on so few root servers/hosts/routers.

Would there be a use case for decentralizing DNS into blockchain, or for creating an alternative?
I think the problem with the blockchain is that it is relatively immutable, while the internet is anything but. Also, the cost for making a Namecoin change is inexpensive now, but if it were to take over full operations for even one TLD, that would not remain the case.
This is one of the goals of Namecoin, but I'm not sure how successful they've been so far.
For some reasons to use DNS (e.g. service discovery) the latency associated with a blockchain would be prohibitive. Generally, I think it's an excellent application.
Poor wording. Verisign operates .com for the US government. So if Verisign's .com servers were to go down, then .com would go down with them. The author shouldn't have used the word "registrar" which makes people think of the creation of new domain names, à la GANDI (good) or GoDaddy (bad).
What does it mean "operates .com" and ".com would go down"? Does it mean that "google.com" would suddenly stop resolving? If so, how is that possible given the way DNS works? If not, what exactly is the panic about?
Most DNS resolvers come with a 'root zone hints file', which includes a list of the root nameservers and static IPs for each one.

When you look up google.com, these root nameservers are queried for com, and they return the results (name and IP) for the nameservers for .com.

These nameservers for com are then queried for google.com, which then return the results for the nameservers for google.com.

Google's nameservers are then queried for google.com, and an IP is returned.

So yes, given how DNS works, all .com and .net domains would stop resolving if the Verisign nameservers for .com and .net were to go down. Most people go through caching nameservers, which would retain the values for google.com, and continue to return them, up until the time to live on those records expired, at which point they too would stop returning any values if the upstream servers hadn't returned before then.
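The lookup chain and cache behaviour described in the comment above, as an added example that is not part of the original thread: a simplified caching resolver in Python over constructed zone data (server names, TTLs and documentation-range addresses are assumptions). It goes one step beyond the comment by also caching the delegation (NS) answers, which is why an already-visited domain can outlive its address record's TTL during a TLD outage while a never-visited one fails at once.

```python
# Constructed toy model of the delegation chain; zone data, TTLs and
# addresses are made up for illustration and are not real DNS data.
ROOT = {"com.": ("tld-com", 172800)}                 # root -> .com server set
TLD_COM = {"google.com.": ("ns-google", 172800),     # .com -> per-domain NS
           "example.com.": ("ns-example", 172800)}
AUTH = {"ns-google": {"google.com.": ("192.0.2.10", 300)},
        "ns-example": {"example.com.": ("192.0.2.20", 3600)}}


class CachingResolver:
    def __init__(self):
        self.cache = {}      # (record type, name) -> (value, expiry time)
        self.down = set()    # server sets that are currently unreachable

    def _cached(self, key, now):
        hit = self.cache.get(key)
        return hit[0] if hit and hit[1] > now else None

    def _ask(self, server, table, name, key, now):
        """Use an unexpired cache entry, else query `server` and cache the answer."""
        value = self._cached(key, now)
        if value is not None:
            return value
        if server in self.down or name not in table:
            raise LookupError(f"SERVFAIL: no answer from {server} for {name}")
        value, ttl = table[name]
        self.cache[key] = (value, now + ttl)
        return value

    def resolve(self, name, now):
        # Walk down the hierarchy: root -> TLD -> the domain's own nameservers.
        tld = name.split(".", 1)[1]                  # "google.com." -> "com."
        tld_ns = self._ask("root", ROOT, tld, ("NS", tld), now)
        dom_ns = self._ask(tld_ns, TLD_COM, name, ("NS", name), now)
        return self._ask(dom_ns, AUTH[dom_ns], name, ("A", name), now)


if __name__ == "__main__":
    r = CachingResolver()
    print(r.resolve("google.com.", now=0))     # full walk, fills the cache
    r.down.add("tld-com")                       # the .com servers go down
    print(r.resolve("google.com.", now=400))   # A expired, cached delegation used
    for name, t in (("example.com.", 400), ("google.com.", 172801)):
        try:
            r.resolve(name, t)
        except LookupError as err:
            print(t, err)                       # uncached name, then expired cache
```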

Indeed. The term for the manager of a TLD, as Verisign is for .com and .net, is a 'domain registry', not registrar.