Hacker News
by nickthenerd 1425 days ago
Technically Matter can run purely local, no external web requests (well there are some attestation and certs that are confirmed by the Controller). Then Matter devices use Endpoints and Clusters for control, device to device or Controller to device. Matter devices' Commissioning process is done in 2 ways - for Thread devices, they require the operational dataset of the Thread network, which is held by the Border Router, then the Border Router needs information about the Thread Device (Device ID, Discriminator, and PIN Code). This can be exchanged over BLE or NFC with the Controller (smartphone app like HomeKit, Google Home, etc). If you have WiFi-only devices then Commissioning is done via the Controller only. In both of these cases any DNS lookup would be done by the Controller.
1 comments

> Technically Matter can run purely local, no external web requests (well there are some attestation and certs that are confirmed by the Controller).

So Matter should work when the [W]LAN is up but there is no external DNS or IP connectivity?

> Then Matter devices use Endpoints and Clusters for control, device to device or Controller to device. Matter devices' Commissioning process is done in 2 ways - for Thread devices, they require the operational dataset of the Thread network, which is held by the Border Router, then the Border Router needs information about the Thread Device (Device ID, Discriminator, and PIN Code). This can be exchanged over BLE or NFC with the Controller (smartphone app like HomeKit, Google Home, etc). If you have WiFi-only devices then Commissioning is done via the Controller only. In both of these cases any DNS lookup would be done by the Controller.

Does the Controller optionally run DoH (DNS-over-HTTPS), DoT (DNS-over-TLS), DoQ (DNS-over-QUIC; which is easy to load-balance because it's UDP), DNS-over-CoAP, or plain-old unsecured DNS with optional DNSSEC validation? What about ENS (Ethereum Name Service; "web3 dns")? Why was DNS reinvented for the smart-contract world? And what about Matter and IoT?

Found this which explains ENS, which is perhaps less obtusely more complex than your DNS-over-CoAP thing: https://www.cryptohopper.com/blog/6536-what-is-the-web3-doma... ( https://web3py.readthedocs.io/en/stable/ens_overview.html )

> ENS domains work similar to traditional domain names, but with the new web 3.0 infrastructure, they can create decentralized applications and websites, and store data or files on the blockchain.

> The ENS is the new domain naming system built on top of the Ethereum network that enables users to create memorable and distinctive addresses or usernames. It utilizes Ethereum's smart contracts to provide supplementary services to the conventional DNS and manage domain name registration and resolution. ENS allows users to create a single username for all their wallet addresses, decentralized apps, and websites in a distributed ecosystem.

> ENS utilizes three types of smart contracts: the registry, the registrars, and the resolvers.

And of course there are better options than PIN codes and CRL-less X.509 certs for entropy there. DLTs are specifically designed to be resilient to [mDNS] DDoS.