The domain naming scheme proposal #2087
Comments
|
Are we sure we want the |
|
In my opinion, the protocol handler cannot be considered as a proper solution, since 1) the protocol used by browser is actually HTTP, 2) Zeronet also makes use of the ws:// protocol under the hood (websocket connections). 3) there can be other widely used protocols in the future, which will also be supported by ZeroNet. (As discussed in #83 (comment).)
|
|
The problem of the proposed approach is that domain names are case-insensitive, while cryptographic hash addresses are case-sensitive. So So, for those addresses, we need the hash part to be in the path after the domain name. We can use something similar to If the iframe support gets dropped by browsers some day, a case-insensitive encoding is the only option. |
|
I think that easiest and fastest way to at least enable Users need to add this Proxy PAC file to their system or browser. This will use function FindProxyForURL(url, host) {
if (shExpMatch(host, '*.zeronet')) {
return 'PROXY localhost:43110'
}
return 'DIRECT'
}Then the ZeroNet code needs to be updated. There are currently a few problems which need to be resolved:
This is for the beginning. It could be annoying for users to set Proxy PAC file, so there also needs to be some more automated solution. This could include some registry tweaks and some other settings to automatically use ZeroNet for all Also, can we register
There should also be support for other domain systems, as suggested in my issue #2049. But domain scheme structures should be almost the same.
What if there is some ID provider that would use another domain system, for example, Ethereum Name Service ( Based on your examples, cert-based domains are
Here it would maybe be better to just use
I don't know if support for this is actually needed. Onion domains are random, so there's probably no benefit from using it instead of a regular Bitcoin address. But if there could be some benefit, maybe similar to that with classic DNS, it should still be supported.
I personally more like I hope there is some solution for turning URL into lowercase. If there's not, we would need to use some other solution. |
We should have $185000 and be some kind of legal entity (company or organization). |
Simple & silly solution: Just ignore the address case. The probability of two addresses matching case-insensitive but not totally equal is small enough to ignore it. |
Though I have no idea how onion domains could be used in ZeroNet (waiting for @geekless'es proposal), there's a thing like vanitygen there. facebookcorewwwi.onion would like to have a word with you. |
Oh...
This would be ok it it would be possible to implement.
Yes, vanity domains could be useful if you already have them. |
That requires implementing the case-insensitive matching on the tracker side as well. |
|
Not really. Just send the lower-cased address to trackers. |
|
offtopic: BTW, your idea about making a tracker to collect site list won't work, because ZeroNet uses the SHA1 of the address for announcing, not the address itself. |
All of a sudden! On zero:// too? |
|
SHA1 is used for clearnet, SHA256 for zero://. |
So, looks like we should send sha sums of the both case-sesitive and lowercased addresses. |
For backward compatibility? |
That's a great news, on the other side. So one have to know the actual address to visit a site. Trackers and DHT cannot be used to get access to new or private sites.
Yes. |
|
One problem that arises when we make addresses case-insensitive is Bitcoin compatibility -- someone can accidentally transfer money to 1hello4uzjaletfx6nh3pmwfp3qbrbtf3d instead of 1HeLLo4uzjaLetFx6NH3PMwFP3qbRbTf3D. |
|
@imachug Are that lowercase addresses actually valid Bitcoin addresses (because of invalid chars and checksum)? Won't wallets prevent people to send Bitcoin to invalid address? I think that site address should only be shown in lowercase in URL. In the UI (sidebar...) and ZeroFrame commands ( |
You're a genious, that's right. However, we still have a small problem that you can't donate directly to site address anymore (though, that's somewhat a feature) |
Could real site address still be displayed in UI, sidebar and ZeroFrame commands? |
Heck, you can actually recover the full address (case-sensitive) from the content.json signature! So it's possible. |
|
So, it becomes more and more like a workable solution. What' worrying me most now is the cert-based model. First, we have an optional Second, we need a part to distinguish the cert addresses. I propose using Third, the cert proveder itself. Here the problems begin. Since the provider names have the dot inside (zeroid.bit, kxoid.bit etc), the dot cannot be used to split the user and the provider parts without additional considerations. We can arbitrarily discard suffix Next, where we should save the provider list. Should it be hardcoded, fetched from some site etc? Or we can just scan the network for widely used provider names and their public keys, and if there isn't any ambiguity or conflicts, use those names? In this way, the plugin, implementing the addressing model, can automatically detect that The latter looks good at the first glance, but I have some doubts about the security. Okay, lets say we have domain
What if someone adds a new provider and names it
And it poins to a different location. We should check for provider names, that looks like a subdomain of other providers and most likely block the domain resolution for them. On the other hand, someone can use the provider name |
|
Can we use |
|
|
|
Ok, that's a problem. We have |
|
Or |
|
The both conflict with the Namecoin address space. |
Allowed. For example, http://127.0.0.1:43110/zerome-reloaded.bit |
|
Oh, my bad, I looked through ZeroName and didn't find a site with a dash. Here's another idea then: your question was about how to distinguish |
Yeah, but my point is that the plugin should scan and detect cert providers automatically. (We can just scan So, what should we do? I guess, if the plugin detects a conflict, it should just stop and report the issue to the user. The user have to manually blocklist In this case, it's the same solution as for spammers and sites with inappropriate content -- blocklists. Sites, trying to fake a provider identity, should be considered as inappropriate and included in some blocklist for that reason. Thinking about it, it looks like a good solution for me now. No one should have power to dictate terms to ZeroNet users. The ZeroNet distribution may have some reasonable defaults, but it's up to user to finally decide, what is trustful and what is fraud. |
|
Ok. So, what's the best solution then? Crawl all user content.json's to gather a cert_user_id <-> address mapping? |
As the last resort, yes. For zeroid.bit, the database is located at the address of the provider key, so we can access it directly. 12F5SvxoPR128aiudte78h8pY7mobroG6V (kxoid.bit) is just an empty site now, redirecting to another location. I don't know what is a proper way to access its database, if any. We should develop a uniform protocol for accessing the provider DB in the future. |
From my understanding, a protocol handler is an application that knows how to handle particular types of links. And it is not what we want ? I get your point on HTTP however I am not convinced that it is relevant (but I am not saying I can't be convinced...). Also I am interested in starting ZeroNet program using the protocol handler and adopting this standard would allow it. However I am aware that not everyone might be using ZeroNet this way. They might have a server running ZeroNet and they just need to register the browser which is possible too. Regarding the HTTP argument, I am wondering that if the HTTP part isn't only the protocol use to 'consume' the content? Like we download a video using torrent application which is open with the |
|
There's a gopher plugin we've made together with krixano, and it worked rather well, so I'm sure that more protocols for consuming content will be added in the future. |
|
zero:// can be used to redirect the link to an OS-level handler to run a ZeroNet instance, which then opens the (appropriately modified) link in a browser. But that goes beyond the scope of this proposal. |
Nice! Do you have the link to repo? Have you rebuild ZeroNet in it? |
Yeah I agree this is a bit out of scope. It is however not clear why you want to add the |
Here's a repo for Python 2 version: https://github.com/imachug/Plugin-Gopher |
|
@imachug Will there be Python 3 version? |
|
@filips123 That project was somewhat a PoC, and we (krixano and me) have some more projects to do now, so I think that plugin isn't going to receive any updates. If someone likes the idea though, I'm ready for PRs. |
|
The current system is fine. This idea is rather ridiculous and pointless. |
So, you don't think Namecoin centralization is a problem? |
That assumes a bit much. Is there no alternative like .eth? $185,000 is a hefty price, a few yearly salaries or bug bounties fitting into that bill. Not to mention it's centralized and clearnet reliant. Am I wrong? If I am, maybe .zn is better for shortness/convenience? I know you're more knowledgeable than I, but many of us are not understanding the idea well. Can you make bullet points for all the benefits in OP? Your points are scattered between comments. |
I'm currently working on ENS support so this will be supported in near future.
You mean this for
It would conflict with two-tetter TLDs for countries. |
|
Understood. |
|
@HelloZeroNet @geekless It might be possible to register |
|
I know I'm not a contributor so I hope I'm not overstepping my bounds, but I stumbled on this thread while looking at ZeroNet and I wanted to throw my two cents in. I really think the additional TLD isn't the best solution, and is actually exacerbating the problem you're trying to solve (the central dependency on Namecoin). It seems that this problem actually originates from the current ZeroNet architecture that is mixing domain resolution and domain access concerns, rather than letting the resolution and protocol stacks do their jobs independently. By adding the new TLD you're maintaining that coupling and actually limiting the amount of ways a user can resolve a ZeroNet address. For example it would be great if website owners could add something like a As you noticed, the new TLD also breaks things like TLS, and I'm sure there will be other unknown effects if it's added. As a website owner I should (ideally) be able to serve the same certificate and site to both normal and ZeroNet users, or even mix the two (e.g. fall back on plain web content if it's not available on ZeroNet in a timely manner) without running into issues like cross site scripting and CORS. A better solution would separate the resolution concerns out, and it seems like adding the new protocol is the right way to go about it.
I actually disagree with this on two points. First, even though the browser is using HTTP, that HTTP is still being wrapped, which actually points to having a new protocol. Second, the protocol actually has a lot to do with resolution, for example using a I do agree with the concerns regarding the extensibility of the The only problem I see at a glance would be that the resolution stuff may be a bit tough to add at the browser level. I could see the Chromium maintainers not wanting to add it, but I could also see some maintainers of forks, like Brave and Dissenter, being happy to add ZeroNet integration directly (Dissenter already has webtorrent integration), so it may be feasible. |
|
There is a new browser extension by @sprite-1 which adds support to access ZeroNet domains using URL prefixes or custom TLDs. There is also ZeroTalk topic about it. Ways of accessing are described in its README. However, the extension doesn't load site to the original URL. Instead, it just redirects them to I think that ZeroNet should first standardize one specific way of accessing ZeroNet domains. Then this (or any other extension or another program) needs to be modified to use that specific way. It would also be good it could leave original URLs. Then this extension should be made "official" along with other programs for accessing ZeroNet domains. There is also another extension which uses PAC file so URL can stay the same. However, it is only available for Chrome and abandoned. Some of its code could maybe also be reused for a new extension. |
ghost
mentioned this issue
Why do you think so? Because there is currently no standard, all options should be possible. When standard will be created, only is should be enabled. |
|
As far as I know, the only thing my extension potentially screws up are |
|
@sprite-1 Can you add configuration page to let users manage which keywords, addresses and TLDs should be rewritten? This would be useful if the user does not need all possibilities or you forgot some of them. It should have the following option:
|
|
@filips123 Scenario: someone pastes link in reddit etc with http://mydomain.zeronetrocks but you don't have that particular plug-in that will redirect properly and you have to manually extract "mydomain". |
|
@krzysztof113 This is not what that plugin is meant for. And how would you actually do this with a plugin? This needs to be done with ZeroNet changes. Public ZeroNet instance should accept URL like For local ZeroNet instances, See this issue, issues linked from this issue and issues that link this issue for details. |
I've been meaning to do this but just haven't had the time yet lately so it's definitely something I want in there |
|
I created a comment about different ways of accessing ZeroNet and ways of implementing that in #2100 (comment). |
Some related comments and discussions:
The idea:
http://127.0.0.1:43110/...andhttp://.../via a proxy..zeronetis used:http://<address>.zeronet/http://127.0.0.1:43110/, the.zeronetpart can be ommitted and is ignored by the core if present.These point to the same site:
http://127.0.0.1:43110/<address>- the classic way.http://127.0.0.1:43110/<address>.zeronet- for similar look&feel to the proxied addresses.The proposed second-level domain schemes:
Namecoin domains:
.bit.zeronetCert-based, as proposed in ZeroID-based domain names #1696:
.user.zeronetOpennic-based (Add DNS Support #104):
.opennic.zeronetOnion-based (the protocol proposal hasn't been published yet):
.onion.zeronetThe text was updated successfully, but these errors were encountered: