The Secrets of the Internet: Domain Names and ICANN
The Mystery of Top-Level Domains (TLDs)
In this episode, the hosts set out to understand how the Domain Name System (DNS) functions and why certain companies, like Donuts Inc. (now known as Identity Digital), own such a vast percentage of the internet infrastructure. The inquiry began with simple curiosity about why the .pizza TLD was unavailable for registration.
Origins and Scaling of the Internet
• Originally, the internet was a small government research project called ARPANET.
• IP addresses were initially managed by a single person, Jon Postel, using a simple, manual text file (hosts.txt).
• As the internet grew, the need for a scalable system led to the creation of the Domain Name System (DNS), which maps human-readable names to underlying IP addresses.
The Key Signing Key Ceremony
Investigating rumors of a "ritual" that could take down the internet, the team gains access to a secure ICANN facility in Virginia.
"The incredible thing about this actually is that with how insanely secure all of these steps are, it's actually security through transparency."
Securing the Infrastructure
• The Key Signing Key Ceremony is a highly secure, quarterly procedure used to cryptographically sign the root zone of the DNS.
• The resulting signatures let resolvers detect forged DNS answers, which defends against DNS cache poisoning (or DNS spoofing) and safeguards users from being redirected to malicious, fake websites.
• The ceremony is air-gapped and relies on a global group of trusted security researchers who must physically meet and perform specific, verified tasks.
Conclusion and Reflections
While the internet has grown into a massive commercial entity, the system relies on a symbiotic relationship between non-profits like ICANN, registries, and registrars. Despite the weirdness and the "parking" of domain names by entities seeking massive profits, the underlying security infrastructure remains robust and intentionally transparent.