RFC 9498: The GNU Name System

We are happy to announce that our

The GNU Name System

(GNS) specification is now published as

RFC 9498

.

GNS addresses long-standing

security

and

privacy

issues in the ubiquitous

Domain Name System (DNS)

.
Previous attempts to secure DNS (

DNSSEC

) fail to address

critical security issues

such as end-to-end security, query privacy, censorship, and centralization of root zone governance.
After 40 years of patching, it is time for a new beginning.

The GNU Name System is our contribution towards a decentralized and
censorship-resistant domain name resolution system that provides a
privacy-enhancing alternative to the Domain Name System (DNS).

As part of our work on RFC 9498, we have also contributed to the specification
of the

.alt top-level
domain

to be used by alternative name resolution systems and have
established

the GANA registry for ".alt"

.

GNS is implemented according to RFC 9598 in GNUnet 0.20.0. It is also implemented
as part of

GNUnet-Go

.

We thank all reviewers for their comments.
In particular, we thank D. J. Bernstein, S. Bortzmeyer, A. Farrel, E. Lear, and R. Salz for their insightful and detailed technical reviews.
We thank J. Yao and J. Klensin for the internationalization reviews.
We thank Dr. J. Appelbaum for suggesting the name "GNU Name System" and Dr. Richard Stallman for approving its use.
We thank T. Lange and M. Wachs for their earlier contributions to the design and implementation of GNS.
We thank J. Yao and J. Klensin for the internationalization reviews.
We thank

NLnet

and

NGI DISCOVERY

for funding work on the GNU Name System.

The work does not stop here: We encourage further implementations of RFC 9498
to learn more both in terms of technical documentation and actual deployment
experiences.
Further, we are currently working on the specification of the

R

⁵

N DHT

and

BFT Set Reconciliation

which are underlying
building blocks of GNS in GNUnet and not covered by RFC 9498.