Domain Name System (DNS) 26 November 2013

Happy 30th Birthday, DNS!

By Andrei Robachevsky, Former Senior Director, Technology Programmes
In November 1983, two RFCs, RFC 882 and RFC 883, authored by Paul Mockapetris, defined the Domain Name System, the DNS.
For some details on the history of the DNS, you can read yesterday's Deploy360 blog post on "Celebrating 30 Years of the Domain Name System (DNS) This Month".
There's also a great history section in last year's Internet Society briefing paper by David Conrad: "Towards Improving DNS Security, Stability, and Resiliency".
In particular: "RFC 805, “Computer Mail Meeting Notes,” details a February 1982 meeting at which the decision was made to move to a “hierarchy of domains”. This new approach to host naming, described as the “Domain Naming Convention for Internet User Applications” was codified and introduced in August 1982 with the publication of RFC 819, by Zaw-Sing Su and Jon Postel.
RFC 819 provides the general outline of what would become the DNS, including the ideas of naming authorities, registrars, and iterative and recursive resolvers. RFC 819 states: “The intent is that the Internet names be used to form a tree-structured administrative dependent, rather than a strictly topology dependent, hierarchy.” RFC 819 also defined the first top-level domain, .ARPA, as “the set of organizations involved in the Internet system through the authority of the U.S. Defense Advanced Research Projects Agency”."
While the basic architecture of the system has remained the same, the DNS has evolved enormously, both in its scale and functionality, over these 30 years. More than 50 IETF specifications define various aspects of it. Many application protocols rely heavily on it, beyond simple name-to-address translation. It provided an inspiration and a platform for many applications, becoming a globally distributed, secure (if DNSSEC is used) and resilient database.
Its spread and accessibility are global, and its support is ubiquitous. This makes the DNS attractive when new protocols need to store globally accessible data. Examples range from support for specific applications, like e-mail (MX Resource Records), to more generic Resource Record Types used to convey information for multiple protocols (SRV and NAPTR Resource Records). But care should be taken, warned the IAB in 2009, providing guidance in their "Design Choices When Expanding the DNS."
And unfortunately the DNS is also abused. DNS servers have been attractive amplifiers for DDoS attacks. It is used by command-and-control centers for operating botnets. It is applied to limit access to information (see, for instance, our paper "DNS blocking or filtering by ISPs to protect interests of copyright holders"). There are collaborative efforts (like the Open Resolver Project), operational practices and mitigation technologies (like Response Rate Limiting) that fight against this abuse.
As we continue our work in routing, security (including DNSSEC), and open Internet standards, it's worth remembering this historic occasion.
Happy Birthday, DNS!

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.
