Let’s assume that we retain the level of indirection by assigning UUIDs instead of domain names. If you used Tor, you may have caught a glimpse of how randomly looking domain names feel.
How nice would it be if we could make the domain a technical detail? Let’s say the browser would prominently show whatever entity the certificate is registered to instead (and HTTPS is everywhere).
To an operations engineer, readable DNS offers some advantages: in some environments we still refer to machines, and being able to distinguish between “eu-sigma” and “us-gamma”, for example, is much easier than between “7c07c564” and “74c47513”. However, some may disagree[0], and anyway this doesn’t justify the need for a global DNS.
As to the end user, the primary concern is that in 2016 we still type in domains[1], and at those times better memorability and shorter length matter a lot. You can also see domain names referenced in anti-phishing warnings—but with proper security practices that wouldn’t be a thing.
So I see that plus inertia—an upgrade costs time and money, and the existing system works (and makes some people money).
Let’s assume that we retain the level of indirection by assigning UUIDs instead of domain names. If you used Tor, you may have caught a glimpse of how randomly looking domain names feel.
How nice would it be if we could make the domain a technical detail? Let’s say the browser would prominently show whatever entity the certificate is registered to instead (and HTTPS is everywhere).
To an operations engineer, readable DNS offers some advantages: in some environments we still refer to machines, and being able to distinguish between “eu-sigma” and “us-gamma”, for example, is much easier than between “7c07c564” and “74c47513”. However, some may disagree[0], and anyway this doesn’t justify the need for a global DNS.
As to the end user, the primary concern is that in 2016 we still type in domains[1], and at those times better memorability and shorter length matter a lot. You can also see domain names referenced in anti-phishing warnings—but with proper security practices that wouldn’t be a thing.
So I see that plus inertia—an upgrade costs time and money, and the existing system works (and makes some people money).
[0] https://news.ycombinator.com/item?id=8010838
[1] Anecdata. Not sure if any research attempted to quantify how often do domains get typed these days, perhaps this isn’t even an issue anymore.