The strength of this paper is the identification of shortcomings in the
current DNS, backed by some numbers. It then outlines the design and
implementation of CoDoNS in detail and how these shortcomings are
tackled. The authors explain well how the system would work in practice
and how the system can coexist with current DNS. The paper also
addresses several key question of how records can be updated or removed
and the evaluation section shows that CoDoNS has very good performance
and adapts well to changing loads.
The paper fails to address the question of how CoDoNS would perform in a
heterogeneous environment. I would suspect institutions would contribute
only mediocre, if not crappy, nodes to a system if they don't have any
good incentive. This will likely create a poor performing or at least
create a heterogeneous system.
The CoDoNS system seems to be a good candidate to replace current DNS
since it can co-exist with the current system, therefore allowing for
gradual change. It also seems to present some very good properties such
as adapt through massive replication, allow quick updates, etc. However,
it is unclear what happens when keys are stolen or even how to proceed
with key deployment. Public Key Infrastructure?
Received on Wed Nov 09 2005 - 20:40:25 EST
This archive was generated by hypermail 2.2.0 : Wed Nov 09 2005 - 23:02:50 EST