Domain hijacking prevention

[jippie]

I did a quick browse on domain hijacking (and selling for a profit), but couldn't find anything on this. I think it is a major concern for a DNS-like system with which it is free and easy to register any domain name. Is this considered in the design?

Jippie

[eternaleye]

(01-30-2011 04:09 AM)jippie Wrote:  I did a quick browse on domain hijacking (and selling for a profit), but couldn't find anything on this. I think it is a major concern for a DNS-like system with which it is free and easy to register any domain name. Is this considered in the design?

Jippie

I think the consensus (and I could be wrong, but I should be corrected by someone if so) is that records will be digitally signed by the registrant via public-key cryptography, which would make spoofing of the (name, publickey) pair infeasible.

[jippie]

(02-02-2011 02:25 AM)eternaleye Wrote:  records will be digitally signed by the registrant via public-key cryptography, which would make spoofing of the (name, publickey) pair infeasible.

Indeed that is what I think I understood from an other thread, but it is not what I meant by domain hijacking. Maybe I used a wrong term.

What I mean is people quickly registering domain names on speculation, and parking them. Then when I decide to register the domainname, it is already taken and I can buy the domain from them for money. This is common pratice and an important reason for ICANN to introduce massively expensive TLDs.

I think it is very difficutlt to ban this sort of malicious behaviour, but I am curious if someone can think of a simple effective solution.

[lauren]

My view is that the fundamentally different nature of IDONS names would tend to make this largely a non-issue in the sense that we normally think of the problem today.

--Lauren--

[jippie]

(02-02-2011 08:08 PM)lauren Wrote:  My view is that the fundamentally different nature of IDONS names would tend to make this largely a non-issue in the sense that we normally think of the problem today.

--Lauren--

Curious about your ideas. If I were a company owner, wanting visitors to easily find me on the internet, I wouldn't like too complex names. Ideally I'd want to be able to register "idons", "philips", "samsung" or "general-electric". If domain names are harder to remember than they are with current DNS, switching to a new system will be a challenge.

As mentioned in another thread, ".com", ".net", ".org", ... has little meaning these days, in contrast to what it was intended like. Interesting to see ICANN introducing truckloads of these meaningless sometimes very expensive TLD's, which in the end (in my opinion) makes websites just harder to find/remember.

Maybe we cannot solve all issues ;o)

JP

[bug1]

The plan is to not have anything centralization or authoritarian setup,.

The ideas discused involved trust metrics or either hierarchies or intersections of names.

IMO this is the biggest unresolved issue

[QuintonMedina]

I think some of these hijackings are done when people do not update their e-mail address.

[AllenGould]

Also worth noting that beyond a need for a unique address for the machine you want to talk to, there may not be a benefit to enforcing any sort of unique name.

Look at a phone address book - I know many people who don't (or can't) remember the ten-digit phone number anymore. You write down the number once, associate it with a name, and then you use the name from then on. Somehow we have survived without enforcing unique worldwide names in that instance.