[nathias]

> Some protocols require the introduction of centralization risk that is unavoidable by nature. For example, when there is a need a single, globally coordinated 'source of truth', that facility is by nature centralized.

No, there is nothing unavoidable in making a centralized DNS system.

[AnthonyMouse]

Right. Even putting aside blockchain-based systems, you can have systems without a dictator because they're based on voting.

Suppose the root is a set of public keys, each with a top level domain. Adding one requires a supermajority of the others to agree. Removing one is impossible; it can sign its own successor and that's it. You now have a federated system with no single chokepoint.

[mindslight]

I'd say blockchain naming and the system you describe are still both centralized. The authorities are distributed, but they're still collectively responsible for deciding on a single coherent root.

Compare with systems that don't revolve around making any coherent global view, like Petnames. In the context of Zooko's triangle - do the human readable name lookup once as part of a manual process, and then persist the relationship as decentralized/secure but not human-readable.

[notriddle]

> because they're based on voting

All voting systems require protection against Sybil attacks. The best methods to protect against Sybil attacks are centralized. The not-best methods use proof of work, which has extreme downsides and only makes Sybil attacks expensive, not impossible.

[AnthonyMouse]

> All voting systems require protection against Sybil attacks.

The voting system is the protection against Sybil attacks. A successful Sybil attack would allow you to add your own TLDs, but if you can't already do that then you can't do a Sybil attack.

The real issue with that kind of system is deciding on the initial group of voters.

[notriddle]

How do the existing group of voters prove to themselves that the to-be-added voter is actually a unique person, and not a sockpuppet? If it’s something like a government ID, then they’ve outsourced the Sybil protection, and not actually gotten rid of it.

[immibis]

What stops me adding 10000000000 fake users and having them all vote for my new TLD?

[guerrilla]

Sybil attacks aren't possible in what was just described though since it requires a vote to create a new voter.

[acdha]

I think that's a question of whether you're thinking of “unavoidable” in the technical or social context. You could design a system where anyone can run their own root but would you want to operate a business in a world where your advertisements need to list which of the DNS roots you use and spend time paying to register with everything which becomes popular enough that spammers would consider registering your names? That seems even worse than the proliferation of top-level domains since there at least the name which people see is actually different than the one you advertise.

[ggm]

You convert a single point of truth to a set of the point of truth and a voting system. The current cryptographically signed model uses a single signing authority. I suppose you could argue for multiple independent signing but it begs the question how you arrived at what was to be signed. That's a process to a unitary decision.

[perryizgr8]

In fact, isn't torrent magnet links exactly this kind of a system? You can locate files on thousands of peer systems, without using a centralized tracker.

[notriddle]

But not human readable, so not a replacement for DNS.

https://en.wikipedia.org/wiki/Zooko%27s_triangle

[doublepg23]

Can you comment on the proposed solutions in that article?

[aspenmayer]

DHT definitely seems to fit. You can even search the DHT itself without using torrents or magnet links at all.

[preseinger]

What? Practical addressability requires centralization by definition. How could it work otherwise?

[sweetbitter]

If we go for human-readable and decentralized with reasonable security, we can look towards 'petname' systems, like the 'Address Book' software popular on the I2P network. Petnames are the subjective binding of public keys to shortened names, where a user resolves domain names to keys according to a combination of their own personal list (which can be easily expanded with specially-formatted 'address helper links') and the lists of third parties which they have chosen to trust (or which they have been bootstrapped into, thus trusting the bootstrapper by proxy). No need for environmentally unfriendly proof of work schemes or what-have-you. This falls on the 'less secure' point of Zooko's Triangle in the sense that, although it is very practical, decentralized, and usually avoids conflict, it does have trust-based security flaws if those providing their lists ('resolvers' if you will) manage to swap out keys for a petname without anyone noticing.

[preseinger]

You're suggesting each user maintain their own DNS lookup table?

[wmf]

See https://en.wikipedia.org/wiki/Zooko%27s_triangle for an exploration of the tradeoffs.

[preseinger]

From the PetNames site,

> Each name set consists of three elements: a key that is global and securely unique (but not necessarily memorable); a nickname that is global and memorable (but not at all unique), and a petname that is securely unique and memorable (but private, not global)

An essential component of a practical addressing system is names which are global, memorable, _and_ unique. Colloquially, I need to be able to say "Google dot com" over the phone to someone, and their experience using that name needs to be identical to mine. A system that doesn't provide this property doesn't solve the problem.

[goodpoint]

...for an arbitrary definition of "practical".

There isn't a single world-wide authority that assigns names to people or companies, or plate numbers to cars or airplanes. It's partially federated and we accept the tradeoffs.

[immibis]

Humans can use ad-hoc disambiguation where needed - "it's the A1 Computers down by the lake" - but computers can't handle one name resolving to two different sites. When a1computers.com is registered twice, it won't automaticallychange one to a1computersdownbythelake.com and the other to a1computersbytheairport.com.

[goodpoint]

> computers can't handle one name resolving to two different sites

There's plenty of ways do to so: by configuration, by quorum, by bookmarking pet names on first use, or by asking the use (what every search engine does when people look up e.g. "netflix")

[preseinger]

I'm all for embracing the invariants of eventual consistency, but an internet addressing system without an authoritative (i.e. centralized) truth is practically useless.

[preseinger]

We're talking about name resolution on the internet. Some source of authority is required to keep the overall system sound. Said another way, if two people query the same name and get categorically different answers, or reliably non-deterministic answers, the system is unsound.