According to Wired, Symbolics.COM was registered on March 15, 1985. Symbolics.COM was the very first subdomain of COM, making today the silver anniversary of, well, something. The first delegation from .COM, I guess. Since then, there have been tens of millions more, of course, so the very first ought to be significant.
I had the privilege of managing the 9th-oldest subdomain of .COM, HP.COM, for several years back in the late 1980s and early 1990s. That job set me on the path I’ve been on for the last twenty-something years, and for that I’m very grateful.
What else has happened during those 25 years? Countless versions of the BIND name server were released, from BIND 4.8 to the current 9.7.0. For that, we owe the Internet Systems Consortium an enormous debt of gratitude. BIND still powers, by our last measure, almost 75% of the authoritative name servers serving subzones of .COM, .NET and .ORG. Commercial ventures with that kind of market share make people rich; the folks at ISC chose instead to pursue the nobler goal of producing the reference implementation of the Domain Name System, thereby facilitating the remarkable growth and success of the Internet.
All around them, though, DNS commercialized. Custody of .COM and the other generic top-level domains (gTLDs) moved from staid monopolist InterNIC to (one-time) .COM darling VeriSign and a legion of registrars. Domain names – particularly those under .COM – became hot virtual property. Entrepreneurs partnered with sovereign states that happened to own country-code top-level domains with useful mnemonics (such as .TV and .FM) to offer competition to the gTLDs.
We also saw threats to DNS infrastructure evolve from relatively straightforward exploits of implementation flaws to sophisticated attacks against fundamental limitations in the design of DNS. Early exploits, including the Kashpureff cache poisoning attack and the worm that used the TSIG buffer overrun to infect name servers, were quickly addressed with improved code. More recently, the Kaminsky vulnerability capitalized on weaknesses in the Domain Name System itself, and we’ve only managed to buy time by implementing clever mechanisms to make the exploit more difficult to carry out.
We now face the most daunting – but also the most pressing – upgrade to the Domain Name System we’ve ever undertaken: The addition of long-needed cryptographic security with DNSSEC, the DNS Security Extensions. If successful, DNSSEC offers the promise of a secure, ubiquitous distributed naming service, which could act as the foundation for securing other Internet services, including email and the web. But while DNSSEC’s adoption is accelerating, there’s still a very long way to go, and numerous doubters and detractors to win over.
Despite this challenge, though, we ought to acknowledge .COM and DNS as the extraordinary successes they are. .COM has grown from that single delegation into the biggest domain in the world’s largest distributed database system; and DNS has kept pace with both the jaw-dropping expansion of the Internet and the transformation of services from Telnet to telephony, from VT100s to video streaming.
So, to .COM and DNS, a very happy 25th, and (at the risk of sounding self-serving), many happy returns!
