RFC - Decentralised Naming System III - prevent domain transfer (dirvine)

Watching this thread and just wanted to throw in a left field idea here. For discussion purposes, what if you cannot sign a name over, so squat and you keep it ? (discussion)


This would require us to make it impractical to sell an account too. Is that feasible - as I understand it someone could give out the credentials and the recipient could change the password. Not ideal, but to protect a valuable domain people might be willing to set very secure passwords. Can we prevent that?


It may make it harder to sell accounts, it is possible that there is an area of research here that may work. You know me I like to look backwards at problems and that’s all I am doing here. People could perhaps give all their credentials, but it means they need to sell block of whole accounts which will be a PITA, certainly harder than registering multiple domains per account and selling them individually. Worth a bit of a look.

1 Like

Yes, I had some similar thoughts and a few more to throw in. I think squatting is not that bad, its a not very efficient or egalitarian way of ensuring that the people who badly want a domain can get it. I think there is a consensus that we want to do better, so I will try to find time to write up my first thoughts.


For clarification - do you mean if I rush in and register

they are mine and I cannot transfer them at any point?
In short these names are no longer assignable to anyone else ever…

I think myself and the lawyers of some companies could come to an amicable working agreement …
Always fancied an IBM pension but my time at Spango Valley was alas too brief for that…


first thought here … i don’t see why i shouldn’t create accounts for the 10 most wanted sites i can imagine … of course with 823945 domains it is another thing … (though you could program a bot, creating a list of most important domains of the www and saving all passwords inside a password safe … that anyway would be faster than doing it by hand …)

yes it is harder but i’m not sure if it solves the problem … plus “unused” sites will be unused forever … that would be a shame … because the names obviously will be good ones …

hahaha and then someone didn’t get that he can’t sell the site names and holds 100 of the best sites ^^


okay … and someone could still simply register all the sites for his own account … and then write a program through which people can access and manage their site - providing it “as a service”

I’m not sure if huge companies would use such a service … but if it is the only way to get “their” name … and if the price is not too high …

Registering (or buying) is a way to get a domain.
I don’t know why the term squatting is used instead. “Normal” people buy or register and the so-called squatters do the same (only more efficiently because they specialize in that).

It’s impossible that all people who want the same domain can get. There’s always one winner and everyone else is not.
If SAFE users are anonymous, then SAFE domain owners will be anonymous too.

Do you want to ID users who want to register a domain?
If not, how do you plan to prioritize?

Without interference in domain ownership matters, the free market ensures that anonymous user who most wants the domain gets it (by paying more than all other users). I don’t see how you can outsmart that. I also question the idea from the privacy perspective.


Squatting is called that because the aims and behaviour is distinct from ordinary domain registration and use. It is these distinctive characteristics that allow one to devise ways of making that behaviour more difficult, ideally without messing up either the functionality you want from a DNS, or the ordinary domain registration and use. David’s suggestion is a clear example. I also have some ideas for how to achieve that, and no they don’t involve ID ing people. You’ll have to wait until I write them up before we can discuss them though.

1 Like

We have a bot for that?

(Sorry, couldn’t help myself)


Okay, I look forward to the proposal.

I think you’re making a moral statement more than anything. The registration itself is undistinguishable between a regular user and the so called squatter. It’s only your judgment that makes the latter undesirable. It is fine to express opinion, but inappropriate to codify this type of morality in the SAFE platform, in my opinion. But I realize democracy has taken over the freedom of speech, in this particular regard, and being unable to do anything else that replicates the worst characteristics of real life democracies, the crowd is clamoring for punishment of the squatters as their first cause in SAFE space. :smile:

Squatters are the first entrepreneurs of each TLD that opens for business. I don’t know a single instance where administrative measures have worked without severely damaging the attractiveness of the TLD itself.

Why can’t domain names be named and validated like public user names are?

:slight_smile: What did I just say aboe? Here we go…
And how about Name and Shame?

I’m not making a moral judgement.

What I am doing is looking at the behaviours we see in the current DNS, identifying their effects and seeing them as not what I want. Others agree, you and no doubt others disagree. That’s fine. Its a design discussion, not a moral issue. How do we want the DNS to operate and how can we design it to operate in that way?

To me this is no different from discussions about designing the system to be immune from attack, or to reward producers of published material, or reward people providing resources to the network and prevent others from gaming the system to reward them without providing resources.


I think people are getting obsessed with domain squatting to the point that they are ignoring ligitimate use cases for the sale and transfer of domains. Say I create a domain name for wildelife called www.beavers.safe but later the foundation/company goes bankrupt and I want to sell it to a local strip club. Should I not to be free to do that? Or say I create a family website called blog.familysite.safe but in later years want to transfer ownership of said site to my children before I die. Again should I not be allowed to do that? Hardcoding permanant ownership of domains and not allowing people to transfer ownership of their property does not make sense for a lot of reasons. It doesn’t make sense because it restricts one’s ability to control one’s own property. It also doesn’t take into account that we are mortal beings and everything we do here during this life is temporary. Argue all you like about what happens after death but i think it’s an established fact that while we’re here nothing is permanant and life is change. And restricting one’s ability to buy, sell or give away what one owns undermines the very fact one owns it and is a very impractical proposal.

So there are domain squatters? What do domain squatters do? They grab a domain, make a filler page and sit on it. So make that practice unprofitable. I believe there was already a proposal to combine the naming system with the dns system wherein you could have a public dns name combine with a hash to make it unique similar to how user IDs are assigned. If it works for people’s handles why can’t it work for websites? This would make domain squatting totally impossible. OR add a safecoin fee for leaving your site idle too long with only a minimum amount of content. If all you have is one placeholder page and no activity for x amount of time you get charged a fee. If you’re a serious web developer you’ll start adding some content or delete the site. If you’re a domain squatter it’ll start costing you money to squat which would defeat the purpose of squatting in the first place.

The whole problem isn’t that hard.

If I am google. I submit a signed certificate that says “This SAFE website indeed belongs to Google”

If there is a registry of trusted Public keys, this is a done deal. Everyone knows that google wants to be at the SAFE address google says belongs to it. It is not terribly hard to prove google is google. If they want listed on the public key registry, they send a request, the registrator sends back some gibberish for them to sign at a known legitimate google.com email address and the deal is done…

If there is a registry of signatures and domains that point to the wrong things. Nobody will trust them, and everyone will trust the one that works correctly. Domain parking sites all Suck and are useless for the end user…

1 Like

If SAFE were to recognise the current DNS (if available) then this is something worth considering, if we thing all those (or vast majority) are rightful holders. I suppose a best effort to “speak” to existing DNS could happen? ofc we don’t speak to any centralised server based system that could stop us, but perhaps a best effort could be made?



Could domain ownership expire based on pre-established conditions? If activity on a given domain remains below a certain threshold for a specified period of time, the domain is recycled. The contents of the old domain is then associated to a new domain name with an appended word like old or something else that denotes the change. So say after 3 months (arbitrarily chosen) of very low activity, the domain safe:Microsoft is renamed to safe:Microsoft-old-1.

The safe:Microsoft domain is again made available for use. A forced auction could then take place if others have registered their interest in the domain to ensure that the previous owner can’t just program a bot to reclaim the domain.

This I think could make squatting impractical. Safe sites that have word old appended to them do not expire. In the unlikely event that the regular “safe:Microsoft” ever expired again, the number on the far right would increment to 2 (i.e safe:Microsoft-old-2 and so on). Or instead of the word old, the alias of the previous owner could be appended (i.e safe:Microsoft-Tonda). This would it easier to find after years of inactivity on part of the domain holder.

Is the above possible? What adjustments can be made to make it work if any?

What happens when someone registers a domain name and forgets their login credentials? Does this mean the domain name is lost forever. Or what if the user just wants to wreak havock with SAFE DNS by generating as many domain names as possible and then locks the account forever? That would mean all those domain names would be lost forever.

What happens to good sites that are no longer maintained? I’ve run into a lot of those over the years. Just because a site is old and dormant doesn’t mean the data on it isn’t good.