Hacker News new | past | comments | ask | show | jobs | submit login

> Beyond network effect, nope.

So why does no-one do this/ Obviously people do do it for ad-blocking, so why not for other purposes? Too difficult to get traction, perhaps?




You can do it on your own systems all you like, but the thing people love about domain names is that anyone who types in a domain can get to that particular site. The fact that we all generally agree where a domain points to is part of what makes them useful.

If I decide I want to have my personal website be called google.com I can edit my hosts file to point google.com to my webserver and everything works for me, but anybody else going to google.com is going to get Google's page instead unless I somehow convince them to edit their files or use my weird DNS server.

Even if I come up with some great reason that makes people want to accept that google.com is better when it goes to my website instead, what happens when someone else decides they should be able to use google.com for something else and they convince a bunch of people to use their weird DNS server? We could fragment the DNS all over the place and have several conflicting entries for every popular domain name depending on what DNS server you're using but is that really better?


People do, it's just niche.

OpenNIC has a lot of non-ICANN domains but runs in a fashion similar to ICANN (central organization deciding rules for TLDs). Iirc there are some small non-US communities that use this a lot.

There are also a decent amounts of crypto TLDs (.bit for namecoin, Ethereum has a couple, etc).

There are of course a lot of corporations that use custom DNS domains for internal purposes, like .corp or .internal or the like.

It is difficult to get people to change their DNS serves en masse to something non-standard. The lack of being able to get real TLS certificates is also an issue though there is work in this direction: OpenNIC is developing a traditional CA afaik and namecoin has some experimental stuff to support DNSSEC and TLSA to have TLS certs enforced by the blockchain.


There are DNS blocklists for mail servers. It's a slightly different thing, but basically there's if there's an entry it means there's a reputation for the mail sender. Some of them are present/not present and some have a score. Some are against the IP of the sender only, while others are against the domain name or full hostname of the sender. You just set your mail server to do the right lookup against the right DNS server, and incoming mail can be filtered based on the results of the DB someone else is maintaining.


There are a very few alternate roots that have actually gotten traction - the most famous of which is .onion


.onion is weird in that it isn't actually DNS; it doesn't support DNS records (like A, SRV, TXT, etc) and applications that use it don't use DNS to connect to things behind onion services.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: