It’s ICANN versus the blockchain in Kuala Lumpur
Internet fragmentation and the rise of blockchain-based naming systems were firmly on the agenda at ICANN 75 in Kuala Lumpur today, with two sessions exploring the topic and ICANN’s CTO at one point delivering a brutal gotcha to a lead blockchain developer.
Luc van Kampen, head of developer relations at Ethereum Name Service, joined a panel entitled Emerging Identifier Technologies, to talk up the benefits of ENS.
He did a pretty good job, I thought, delivering one of the clearest and most concise explanations of ENS I’ve heard to date.
He used as an example ICANN’s various handles across various social media platforms — which are generally different depending on the platform, because ICANN was late to the party registering its name — to demonstrate the value of having a single ENS name, associated with a cryptographic key, that can be used to securely identify a user across the internet.
Passive aggressive? Maybe. But it got his point across.
“We at ENS envisage a world where everyone can use their domain as a universal identifier,” he said. Currently, 600,000 users have registered 2.4 million .eth domains, and over 1,000 web sites support it, he said.
He described how ENS allows decentralized web sites, is managed by a decentralized autonomous organization (DAO) and funded by the $5 annual fee for each .eth name that is sold.
Van Kampen had ready responses to questions about how it would be feasible for ENS to apply to ICANN to run .eth in the consensus root in the next new gTLD application round, suggesting that it’s something ENS is thinking about in detail.
While not confirming that ENS will apply, he described how a gateway or bridge between the Ethereum blockchain and the ICANN root would be required to allow ENS to meet contractual requirements such as zone file escrow.
What did not come up is the fact the the string “eth” is likely to be reserved as the three-character code for Ethiopia. If the next round has the same terms as the 2012 round, .eth will not even enter full evaluation.
But the real gotcha came when ICANN CTO John Crain, after acknowledging the technology is “really cool”, came to ask a question.
“What kind of safeguards and norms are you putting in place regarding misbehavior and harm with these names?” Crain asked.
Van Kampen replied: “Under the current implementation of the Ethereum Name Service and the extensions that implement us and the integrations we have, domains are unable to be revoked under any circumstances.”
“So if I understand correctly, under the current solution, if I’m a criminal and I register a name in your space, I’m pretty secure today,” Crain asked. “I’m not going to lose my name?”
Van Kampen replied: “Under the current system, everything under the Ethereum Name Service and everything registered via us with the .eth TLD are completely censorship resistant.”
Herein lies one of the biggest barriers to mainstream adoption of blockchain-based alt-roots. Who’s going to want to be associated with a system that permits malware, phishing, dangerous fake pharma and child sexual abuse material? Who wants to be known as the maker of the “kiddy porn browser”?
If I were Crain I’d be feeling pretty smug after that exchange.
That’s not to say that ICANN put in a wholly reassuring performance today.
Technologist Alain Durand preceded van Kampen with a presentation pointing out the substantial problems with name collisions that could be caused by blockchain-based alt-roots, not only between the alt-root and the ICANN root, but also between different alt-roots.
It’s a position he outlined in a paper earlier this year, but this time it was supplemented with slides outlining a hypothetical conversation between two internet users slowly coming to the realization that different namespaces are not compatible, and that the ex-boyfriend of “Sally” has registered a name that collides with current boyfriend “John”.
It’s meant to be cute, but some of the terminology used made me cringe, particularly when one of the slides was tweeted out of context by ICANN’s official Twitter account.
To learn more about alternative naming systems, read #ICANN's OCTO publication >> https://t.co/LFYjy1KX3w | Emerging Identifier Technologies #ICANN75 pic.twitter.com/mWN7fCc7eR
— ICANN (@ICANN) September 21, 2022
Maybe I’m reading too much into this, but it strikes me as poor optics for ICANN, an organization lest we forget specifically created to introduce competition to the domain name market, to say stuff like “Market, you are a monster!”.
I’m also wondering whether “icannTLD” is terminology that plays into the alt-root narrative that ICANN is the Evil Overlord of internet naming. It does not, after all, actually run any TLDs (except .int).
The language used to discuss alt-roots came under focus earlier in the day in a session titled Internet Fragmentation, the DNS, and ICANN, which touched on blockchain alt-roots while not being wholly focused on it.
Ram Mohan, chief strategy officer of Identity Digital and member of ICANN’s Security and Stability Advisory Committee, while warning against ICANN taking a reflexively us-versus-them stance on new naming systems, wondered whether phrases such as “domain name” and “TLD” are “terms of art” that should be only used to refer to names that use the consensus ICANN-overseen DNS.
We ought to have a conversation about “What is a TLD”? Is a TLD something that is in the IANA root? Is a domain name an identifier that is a part of that root system? i think we ought to have that conversation because the place where I worry about is you have other technologies in other areas that come and appropriate the syntax, the nomenclature, the context that all of us have worked very hard to build credibility in… What happens if that terminology gets taken over, diluted, and there are failures in that system? … The end user doesn’t really care whether [a domain] is part of the DNS or not part of the DNS, they just say “My domain name stopped working”, when it may not actually be a quote-unquote “domain name”.
Food for thought.
Blockchain domains pose “significant risks” to internet, says ICANN
The internet could be fragmented and made less secure by the proliferation of blockchain-based naming systems, according to a recent position statement from ICANN’s chief technology officer.
The report, “Challenges with Alternative Name Systems” (pdf) worries aloud about systems such as Namecoin, Ethereum Naming Service, Unstoppable Domains, and Handshake.
It says: “the creation of new namespaces without any coordination (either among themselves nor with the DNS) will necessarily lead to name collisions, unexpected behaviors, and user frustration.”
“The end result might very well be completely separate ecosystems, one for each naming system, further fragmenting the Internet,” it concludes.
It’s a pretty brisk, high-level, 15-page summary of the various alt-root naming systems grouped around the “Web3” meme that have been gaining various levels of popularity over the last few years.
It doesn’t drill too far down into any of them and doesn’t really say much that we haven’t heard from ICANN before about blockchain naming, but it does broadly cover what’s out there, how these systems are used, and why they pose risks.
Opposition to alt-roots is an almost foundational principle of ICANN, documented in ICP-3, a 21-year-old document that dates from a time when alt-roots used standard DNS but with different root servers.
ICANN has in the last year pushed back against the newer blockchain-based alts, most prominently by delaying the sale of some gTLD contracts and forcing registry’s to renounce their ownership rights to gTLD strings.
One new addition to the debate that caught my eye was OCTO noting that a lack of coordination between the various alt-roots in operation today presents similar kinds of interoperability risks as does the lack of coordination between the alts and the authoritative root.
It notes that “at least four blockchain-based naming systems are competing today” and as a result “when developing an application, one must decide which blockchain-based naming system to use.”
“As there is no namespace coordination mechanism between those alternative naming systems, name collisions must be expected,” it says.
UPDATE: This story was updated at 2232 UTC to change the headline from “Blockchain poses ‘significant risks’ to internet, says ICANN” to “Blockchain domains pose ‘significant risks’ to internet, says ICANN”
My brain explodes trying to understand MMX’s new blockchain deal for .luxe
Minds + Machines has abandoned plans to launch .luxe as a gTLD for luxury goods and instead made a deal to sell it as an address for cryptocurrency wallets.
If you thought it was a silly move marketing .ws as meaning “web site” or .pw as “professional web”, you’re probably not going to like the backronym MMX has in mind for .luxe:
“Lets U Xchange Easily”.
Really.
Tenuous though that marketing angle may be, the concept behind the newly repurposed TLD is actually quite interesting and probably rises to the level of “innovation”.
MMX has inked a deal with Ethereum Name Service, an offshoot of Ethereum, an open-source blockchain project.
Ethereum is largely used as a cryptocurrency, like BitCoin, enabling people to transfer monetary value to each other using “wallet” applications, though it has other uses.
I’m just going to come right out and say it: I don’t understand how any of this blockchain stuff works.
I’ve just spent an hour on the phone with MMX CEO Toby Hall and I’m still not 100% clear how it integrates with domains and whether the .luxe value proposition is really, really cool or really, really stupid.
I’ll just tell you what I do understand.
Currently, when two Ethereum users want to transfer currency between each other, the sender needs to know the recipient’s wallet address. This is a 40-character nonsense hash that makes an IPv6 address look memorable.
It obviously would be a lot better if each user had a human-readable, memorable address, a bit like a domain name.
Ethereum developers thought so, so they created the Ethereum Name Service. ENS allowed people to use “.eth” domains, like john.eth, as a shorthand address for their wallets. I don’t know how it works, but I know .eth isn’t an official TLD in the authoritative root.
About 300,000 people acquired .eth domains via some kind of cryptographic auction process that I also don’t understand. Let’s just call it magic.
Under the deal with MMX, some 26 million Ethereum wallet owners will be able use .luxe domains, dumping their .eth names if they have them.
The names will be sold through registrars as usual, at a price Hall said will be a little bit more than .com.
Registrants will then be able to associate their domains with their 40-character wallet addresses, so they can say “Send $50 to john.luxe” and other crypto-nerds will instantly know what to do. Ethereum wallets will apparently support this at launch.
Registrars will need to do a bit of implementation work, however. Hall said there’ll be an API that allows them to associate their customers’ domains with their wallets, and to disassociate the two should the domain be transferred to somebody else.
This is not available yet, but it will be before general availability this November, he said.
What this API does is beyond my comprehension.
What I do understand is that at no point is DNS used. I thought perhaps the 40-char hash was being stored in the TXT field of a DNS record, but no, that’s not it. It’s being stored cryptographically in the blockchain. Or something. Let’s just say it’s magic, again.
The value of having a memorable address for a wallet is very clear to me, but what’s not at all clear to me is why, if DNS is not being queried at any part of the Ethereum transaction, this memorable address has to be a domain name.
You don’t need a domain name to find somebody on Twitter, or Instagram, or Grindr. You just need a user name. Why that model couldn’t apply here is beyond me.
Hall offered that people are familiar with domain names, adding that merchants could use the same .luxe domain for their web site as they use for their Ethereum wallets, which makes sense from a branding perspective.
The drawback, of course, is that you’d have to have your web site on a .luxe domain.
The launch plan for .luxe sees sunrise begin August 9, running for 60 days. Then there’ll be two weeks for .eth name holders to claim their matching .luxe names. Then an early access period. GA starts November 6.
While it should be obvious by now I don’t fully “get” what’s going on here, it strikes me as a hell of a lot more interesting way to use .luxe than its originally intended purpose as a venue for luxury goods and services.
Let’s face it, depending on pricing it would have turned out either as a haven for spammers, a barely-breaking-even also-ran, or a profitable business propped up by a couple thousand trademark owners paying five grand a year on unused defensive regs.
Recent Comments