Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

0005-DNS change proposal: Cache names longer with confidence #59

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

da2x
Copy link

@da2x da2x commented Feb 18, 2019

Web server and DNS may be hijacked and return the wrong Dat key. This new caching method allows for name resolution caching to grow linearly as confidence in the returned result increases over time.

E.g. if a name was first resolved three days ago, it can be cached for up to six additional days if we're confident in the resolver result. After two weeks, the name can be cached for four weeks and so on. Domain owner still controls maximum caching time with TTL.

Increases performance and privacy while making clients less susceptible to centralized/decentralized service disruptions (such as a DDoS or a server running out of memory.) Reduces dependency on servers.

I've written an article, Well-Known URI vs DNS-SD for routing distributed web service discovery around internet censorship (and disruptions), that has some more context on why these changes are necessary.

da2x added 2 commits February 18, 2019 16:06
Web server and DNS may be hijacked and return the wrong Dat key. This new
caching method allows for name resolution caching to grow linearly as
confidence in the returned result increases over time.

E.g. if a name was first resolved three days ago, it can be cached for up
to six additional days if we're confident in the resolver result. After
two weeks, the name can be cached for four weeks  and so on. Domain owner
still controls maximum caching time with TTL.

Increases performance and privacy while making clients less susceptible to
centralized/decentralized service disruptions (such as a DDoS or a server
running out of memory.) Reduces dependency on servers.
Include example algorithm.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant