Waveform: The MKBHD Podcast - ICANN and the 7 Keys to the Internet
Episode Date: December 30, 2022In this episode, David sits down to explain how wanting the Pizza.Pizza domain led him down a rabbit hole to discovering some interesting facts about how the internet works. Who decides what domains a...re available? How much does it cost to start one? And is it true that there are seven people with special keys that control the internet? David gets to the bottom of it all! We hope you enjoy. Links: ICANN Key Ceremony 47: https://bit.ly/ICANNKSK47 WeOwn.Pizza: https://bit.ly/3Cea0yu Shop the merch: https://shop.mkbhd.com Twitters: Waveform: https://twitter.com/wvfrm Marques: https://twitter.com/mkbhd Andrew: https://twitter.com/andymanganelli David: https://twitter.com/DurvidImel Adam: https://twitter.com/adamlukas17 Ellis: https://twitter.com/EllisRovin Instagram: https://www.instagram.com/wvfrmpodcast/ Join the Discord: https://discord.gg/mkbhd Music by 20syl: https://bit.ly/2S53xlC Waveform is part of the Vox Media Podcast Network. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
The all-new FanDuel Sportsbook and Casino is bringing you more action than ever.
Want more ways to follow your faves?
Check out our new player prop tracking with real-time notifications.
Or how about more ways to customize your casino page
with our new favorite and recently played games tabs.
And to top it all off, quick and secure withdrawals.
Get more everything with FanDuel Sportsbook and Casino.
Gambling problem? Call 1-866-531-2600.
Visit connectsontario.ca.
As a Fizz member, you can look forward to free data, big savings on plans, and having your unused data roll over to the following month.
Every month.
At Fizz, you always get more for your money.
Terms and conditions for our different programs and policies apply.
Details at Fizz.ca.
What's up, everybody?
I'm David Amell, and welcome to Waveform.
Have you ever wanted a domain, and then you were in Virginia,
and then you were in a small cage with iris scanners and lots of strange people?
Me neither, until about a month ago.
Stick around, because I'm about to tell you what the heck I'm talking about.
All right, boys, let's buckle up.
Let's do this.
So I'm going to tell you a story, and it's a little weird and a little wild and a little cheesy.
It's an entirely true story.
Correct.
Okay.
Yes.
Okay.
So a few months ago, I think this was around June,
so this podcast has been a long time coming. I was in Seattle, hanging out with some friends. I think I went there to visit friends
from college I haven't seen in a very long time. And we were just chilling at one of their houses.
And we wanted to order a pizza. Okay, because there were a bunch of us and it was like makes sense to have a pizza for everybody right so every now and then i go and i look up all of the potential websites that you can own
all the top level domains that you can own just for fun okay there are many sorry i was thinking
about the pizza all right yeah no yes it's okay i think we're reasonable here. I see no flaws. Yeah, we'll get there.
Okay.
Okay.
So do you guys know what a top level domain is?
So that would be like the.com or the.org or the.gov part of the URL.
Yeah.
And there's a bunch more that I don't, you know, pay attention to or keep track of.
But the most common ones being country.us.ca.
Wow, nice. Trivia.
Turns out there are many, many, many, many
top level domains.
I believe that.
There's a list of top level domains
that you can go look at anytime you want.
Every few months, kind of just read them for fun
because I really want,
I really just want to see the domains, right?
So I remember that there is a dot pizza among other things, right?
Because there's like dot lawyer, dot fun, dot joy, dot monster, dot condos, dot cool,
dot dance, dot dating, dot deal, dot deals, international, dot investments, dot Irish,
dot jewelry, dot jobs, dot joy, dot vacations, dot ventures, dot villas, dot Vin, dot Volvo,
dot voting, dot voyage, all of this random stuff. Dot monster. Dot monster.vacations.ventures.villas.vin.volvo.voting.voyage.
All of this random stuff.
Dot monster.
Dot monster.
That's awesome.
But there's also a dot pizza.
So in my head, I'm like, we want a pizza.
There's a dot pizza.
You should be able to go to pizza.pizza, right?
Like if you go to pizza.pizza,
I would assume that like Papa John's or Domino's
probably owns pizza dot pizza you can
tell you're not from the tri-state area why john's or dominoes oh sorry sorry is that from
there needs to be some elitism here if we're from new jersey yeah those are both awful awful pizza
places oh totally absolutely but in seattle that's probably the standard pizza yeah oh wow
papa john's is the most popular pizza chain in the US, right?
Okay, that's fair.
Fact check that.
I think that was the fact check.
I ordered a Papa John's pizza while I had COVID
and this thing was so unbelievably dense.
Oh my God.
I like could not believe this pizza.
It was like ridiculous.
Better ingredients.
Better ingredients thought pizza would be the best domain for Papa John's.
Yeah, I mean, there are many options that you could have here,
but I just wanted to go to pizza.pizza because I thought it was the dumbest one.
Okay.
Right?
Because you could have like, I want to order a.pizza or I need a.pizza,
but pizza.pizza, funnier.
So I try to go to pizza.pizza, and it doesn't resolve, right?
It's like not found.
I'm like, hmm, hmm.
You know what I do when I have good domain ideas?
Oh, you're one of those.
Oh, yeah.
You're one of those.
Oh, yeah.
How many domains do you have, David?
I haven't counted in a while.
How many digits of domains do you have?
I think in the two digits.
Okay.
That's all right.
Which could go up to 99.
Yeah.
Yep.
It's 97, but.
So you bought.
Yeah, when I have good domain ideas, I try to buy them.
Speaking of which, Ellis just looked up
betteringredients.pizza, and it's currently
available for $14.99 a month.
That's not bad.
Yeah.
But betteringredientsbetter.pizza
is unavailable. Oh, weird.
That's funny.
Okay.
So yeah.
So yeah, it's only usually like $12 a year.
So I try to buy them.
I have a lot of domains.
I own such selections as bangersonly.net, which just takes you to a Spotify radio playlist
of Semi-Tard in Life by Third Eye Blind.
Nice.
I figured out where that was going.
Because imagine you're at a party, right?
And someone's like, I don't know what to play on the radio and you just go just go to bangers only.net and it's only
it's only bangers it only every single one not wrong during covet i bought i bought out my
window.app and i just made it so if you went there it would just rotate through really pretty scenes
of out windows because people were trapped in their apartments.
All right.
I also have bought two domains that got me sued by Lego Corporation.
So we probably don't have to go into that part.
But here's to say I like buying domains.
So I tried to buy Pizza.Pizza and it looked like somebody already owned it.
Like it wasn't available.
And I was like,
hmm, why would someone
sit on pizza.pizza
in the domain space?
This is called parking.
This one's parking
on pizza.pizza.
So, but what you can do
is when someone owns a domain,
you can do what's called
a who is lookup on a domain.
So effectively,
you are looking up
like the person that owns it,
when they bought it, how much they bought it for all of this stuff, just I was just curious, right?
So I do a who is lookup on pizza.pizza. And I start to get pretty confused. There's a lot of
information here. But I started seeing all of these names pop up over and over again,
there was donuts, Inc, there was I canN, but Donuts Inc. started popping up
a lot more. So I did some research on Donuts Inc. and I looked them up and they're like massive.
They're like a multi-billion dollar corporation and all they do is own top level domains.
This is Donuts like the pastry?
Yes.
Inc. Okay. I just want to make sure.
Which beyond the irony, yeah, exactly. Beyond the irony that Donuts owns.pizza,
they also own a crapload of other top-level domains.
Almost like 25% of the entire top-level domain industry.
Damn.
Yeah.
Mega David.
What?
It's Mega David.
Exactly.
Yeah.
So I start Googling them, and there's some articles from 2012, 2014,
being like, should we be concerned that Donuts
is owning so much of the
domain industry and I'm like I agree
like how is it that one company
can be a multi-billion dollar corporation
and own almost a quarter
of the entire domain industry
like that seems really confusing
and weird and how does that
how does any of that actually work because isn't the internet
like a thing that we are all supposed to own together and why do you just get to like spin
up a top level domain and just own it and then sell it that's real quick to just to confirm when
you're saying 25 of all domain names that's including domain names that are like owned and
working or 25 of all like claimed domains that aren't actually directed to something just top level
domain so that's like the amount of claimed but not actual working domain names is way past 25
they they head up dot pizza right and then anyone there's millions of permutations of
something that could be a dot pizza but they own. Right? Yeah, they just own the top-level domain, and then someone can register pizza.pizza.
This might be a dumb question, but I didn't realize that one company can just own an entire
top-level domain.
So, because there's the.us,.ca, are those owned by-
So, those are called country codes, and those are not really owned by anyone.
Those are operated by someone else who we'll get to later in the podcast.
I see.
And then if you want to buy something.pizza,
you have to pay for that address through the people that own.pizza,
which is the donut.
So not particularly, but we will get there.
I promise you.
All right.
So I start wondering, how do we get to this point?
How do we end up at this place where like this Donuts Inc owns like a quarter of the
top level domains that are available on the internet?
Like that seems insane because you're just a private company worth billions of dollars
and you get to just spin up these top level domains.
So I realized I don't really understand how like any of this stuff works.
So I decided to do a little research and what we found was a lot.
So we're about to get into it. Oh boy. Six months. Six months. Cue the waveform intro. I don't know.
So if we're going to understand how we got to this point where one private company owns
like a quarter of all top level domains on the internet, we kind of have to understand how we got to the domain name system in the first place.
Right.
But to just give you a brief intro of what's going on, the internet, as we know it today,
actually used to be a research project run by the US government and it was called ARPANET.
And originally the entire purpose of it
was to allow different computers
that were far away from each other
to do something called timesharing.
So you have a supercomputer at a university,
and another university wants to use that supercomputer.
You can basically log into that computer
and use its computing power, right?
Amazing.
Yeah, so the original purpose of this internet thing,
which was the ARPANET
at the time was to just like share resources and also share information with each other.
It's very wholesome. Yeah. It's kind of like remote desktopping across. Yeah, it's absolutely
remote desktopping. And it's funny that remote desktopping now seems like an additional feature
you can do with a computer because it was originally the whole point of the computer
of having an internet, right?
This only works because computers have IP addresses.
You guys probably know what IP addresses are.
It's like a unique identifier that your computer has that it's like a home address, right?
If you want to mail a piece of mail somewhere, you have to know where to send it.
And if you're sending it over a network, you have to know what computer to send that to over the network.
So at the very beginning of the ARPANET,
there were only a few computers on the ARPANET. You had government organizations, university computers that were being sponsored by ARPA, military. It was all basically like only government
stuff because this was just a government research project. Side note, spurred by the launch of
Sputnik in 1957, just like the whole NASA episode that we did.
Everything comes back to 1957.
We'll get into that in a future podcast.
At the time, the IP addresses that were being given out
to all these computers were managed by one guy
at the University of Southern California.
His name was John Postel.
And so effectively, if you wanted to be on the ARPANET on the internet,
you basically call up one dude who ran a spreadsheet,
like an Excel spreadsheet basically, right?
And he said, hey, John, I want to be on the ARPANET.
Here's my computer.
Can you issue me like an IP address?
And he's like, oh, yeah, sure, yeah, sure.
So he literally like adds you to the spreadsheet.
And then every night he distributes the spreadsheet onto the internet or the ARPANET.
And everyone's computer downloads the spreadsheet.
So if you want to do time sharing with another computer.
Like a directory.
Yeah, it's a directory.
It's a phone book.
You put in their IP address and it allows you to go to their computer.
But you have to know like,
oh, David is at 186.8.4.2, right?
Yeah.
Which just the sheer ridiculousness
of like one single spreadsheet.
I'm trying not to make any crypto references.
Well, please do.
You can because the thing about the internet
is that it's a distributed
network there's there's centralized decentralized and distributed and the internet is distributed
meaning it's on a bunch of different servers in a bunch of different places that are all
yeah dating with each other meaning every node on the internet connects to base almost every other
node so even if one node like gets destroyed destroyed in the early days they were worrying about potential
nuclear attacks knocking out a major node, you can still send information across the
network, right?
Got it.
So yeah.
So this guy was maintaining the spreadsheet, which was completely ridiculous.
But it didn't take long after the development of the ARPANET and everyone realizing how
useful this was for other governments and universities and agencies to want to be on
the internet too, right?
So NASA, Department of Energy, more universities, everyone that was technically legally allowed
to be on the internet were just like, wait, John, John, put us on the internet.
Don't get me in there.
Yeah. Yeah. So this spreadsheet starts getting real big,
real big. And it's like, it's one guy managing this spreadsheet.
Seems like a terrible idea. Yeah. Yeah. So the more people that started to get on it, the more they realize like, okay, this whole IP address thing is like not working. Obviously
you still need IP addresses, but humans don't really think in
terms of numbers. They think in terms of words. So they spun up these top level domains, these
websites. And the seven original ones were.org,.gov,.mil,.edu,.int,.net, and.com.
And these were basically just the different organizations that were allowed on the internet.
Fast forward to the 1980s and the internet is growing very, very fast.
It would eventually get to the point where the public would have access to it, but the
guys in charge of this project kind of saw the writing on the wall and they knew the
internet was going to be a thing.
It spans the globe like a super highway.
It is called internet.
Imagine, if you will, sitting down to your morning coffee,
turning on your home computer to read the day's newspaper.
Well, it's not as far-fetched as it may seem.
You need a computer and a phone,
and suddenly you're part of a new mesh of people,
programs, archives, ideas.
This was going to be a thing that everyone was going to use,
and they needed a solution to scale it, right?
Because, again, a spreadsheet, even if you're using domains,
a spreadsheet's not scalable.
Was it still a spreadsheet by then?
It was literally called host.txt.
Hosts.txt.
Oh, man.
Dang.
Yeah, it was a.txt document.
He was one guy, and they gave him this nickname of the IANA,
the Internet Assigned Numbers Authority,
which started out as a funny nickname for him
and very clearly became a lot.
Yeah.
Just a big thing.
So they were like, all right, this isn't working.
We need to set up a scalable way to do this.
They thought that just having domains would be the way to scale it,
but a host.txt file is not scalable.
So they put out this call for ideas
because they were like,
the public is eventually going to get access to this thing.
We need to have a scalable, secure way
for everyone to do this.
So this guy named Paul Makopetris came forward
with a pretty simple and elegant solution
called the DNS system.
Or it's not DNS system, that's redundant.
The DNS, which stands for domain name system.
Yeah, so do you guys know what DNS is?
Man, okay.
I did have a class in college that explained all of the basics of DNS, IP addresses,
and all the things that go behind making a website.
I've forgotten 80% of it.
So you might have to refresh my memory on the differences,
what a DNS is, how it works.
It sounds like a redirect, but I'll let you explain.
That's what I was going to say.
Just the way to redirect top-level domain or whatever,
you type into your bar into the IP address
that goes to
wherever that website is hosted. That goes from a bunch of numbers to going, Oh, that's google.com.
Then right. Isn't Google like 8.8.8.8 or something like that? Probably. Yeah. All right. Well,
we're going to get to that after the break. I am so dreading groceries this week.
Why? You can skip it.
Oh, what? Just like that?
Just like that.
How about dinner with my third cousin?
Skip it.
Prince Fluffy's favorite treats?
Skippable.
Midnight snacks?
Skip. My neighbor's
nightly saxophone practices? Uh, nope. You're on your own there. Could have skipped it. Should
have skipped it. Skip to the good part and get groceries, meals, and more delivered right to
your door on Skip. You know what's great about ambition? You can't see it.
Some things look ambitious, but looks can be deceiving.
For example, a runner could be training for a marathon,
or they could be late for the bus.
You never know.
Ambition is on the inside.
So that thing you love, keep doing it.
Drive your ambition.
Mitsubishi Motors. All right, we're back.
So I sort of like to think of the DNS as like a layered network of phone books, sort of.
Effectively you're putting in the URL that you want to go to in your address bar and
then your computer needs to find what's the IP address of that.
Because a website is not like words.
A website is just a server, right?
So you're accessing that computer just like the time sharing on the ARPANET.
You're actually just accessing that computer and it's like giving you the website, you
know?
So generally on your browser, your browser caches what the IP address of websites are
when you've already accessed them within the last few days.
So it'll stay on your computer for a little bit,
and that way it's just way easier to instantly go to that website
so you don't have to ask a bunch of questions.
If your browser doesn't have that cached
because it clears its cache every few days automatically,
it will ask your OS.
And your OS does the same thing,
where your OS also caches IP addresses, but your OS also And your OS does the same thing, where your OS also caches IP addresses.
But your OS also wipes your cache every few days, because IP addresses can change.
That's a whole other thing.
So then if your OS doesn't have the IP address, it goes to your ISP.
And your ISP, your Internet Service Provider, has this special type type of server which is called a recursive server or a resolver.
And the reason that this is sort of like a layered stack of phone books is because that resolver server will jump to a bunch of other servers and say, hey, do you know where I can find this IP address?
And it says, I don't know the exact place,
but I know the name servers are over here.
And the name servers can tell you where to find.com or.org or.net.
And it's sort of just going back and forth where you have this ISP right here and it goes bing bong, bing bong, bing bong.
Got it.
Yeah.
Was that weird?
Bing bong is...
Maybe describe bing bong for the audio listeners. When I'm saying bing bong is maybe describe big bong for the audio listeners
when i'm saying bing bong i'm i'm i don't know it's like a two just bouncing from two from two
yeah back forth back forth jumping back and forth basically new york is back baby yeah
yeah okay so anyway your isp eventually will get told where that IP address is, and then it caches
that for a number of days so that not only when you ask for a website, but when other
computers that are also using your internet service provider ask, it can immediately tell
them, right?
The entire purpose of this is to sort of make it as fast as possible to access the websites
that you're looking for and not have to go through this whole DNS system.
So it's all based on caching and all of this stuff.
And remember this ISP resolver thing later
because it's going to come up again.
It's kind of important.
So anyway, this is a pretty elegant system.
The DNS system is a hit and it's working pretty well.
And most importantly, it's scaling.
Tons of people are getting on the internet.
The public's getting on the internet. It's just, it's scaling. Tons of people are getting on the internet. The public's getting on the internet.
It's scaling really fast.
Yeah, but suddenly the public could start registering
their own web pages
because once they originally got access to the internet,
they could start making blogs and stuff like that.
And luckily, we have this robust DNS system
so that people can actually get to the websites
that they want,
but that also doesn't mean that the system is perfect.
Because the scale of the internet was growing the way it was, it became a lot of work for
John Postel to keep registering domains, right?
Like he'd moved on from the spreadsheet, but he was still by himself, the IANA, the
Internet Assigned Numbers Authority, one guy at USC registering everyone who
wanted to be on the internet and this was like an exponential growth of people who were getting on
the internet right it's like the amount of people that used chat GPT over the last three days has
it's been like a million people in three days imagine you're one guy and a million people come to you and ask for ask for something like that's just too much um so uh suddenly the national science foundation was paying like his salary and it became too much
work for him so they started basically contracting out a third party to register domains for people
and that was a company called network solutions So as soon as the public had access,
this started to become a problem
because when web pages started popping up and stuff,
the lawyers at USC started being like,
people are going to have disputes
over who gets what domain.
Because at the current time,
you could just reach out to John
and you could just say,
hey, I want pizza.pizza.
And he would just be like,
all right, you got pizza.pizza. And it didn't really matter. But when they started
contracting the work out to Network Solutions, they had to pay Network Solutions. And the
government started being like, we're paying real money to a real company to register domains for
people. And that is taking our government money. Why are we doing that? That makes no sense.
and that is taking our government money. Like why are we doing that?
That makes no sense.
So Network Solutions is like,
well we could charge people for domains
and then we could like put that money back
into the National Science Foundation.
And there's a lot of drama over this
because the government was handling,
you know, it was a research project, right?
It was like, they're like,
is this still a research project
or is this becoming like a thing?
Like this is-
For profit scaling business.
Yeah, like actual businesses, actual commercial work is getting put on this
and this is becoming a problem so what happens though if you said you can just call them up
and ask for a domain what if you are like want to be nintendo.com or but you're not actually
nintendo can you just how is he confirming that uh no oh no confirming we're just we're full set full full send it dude
we're just like you're you are now nintendo.com that seems like a big problem yeah so the lawyers
are like this is a big problem and they're like look we got we got like commercial information
flowing over government sponsored and paid for servers that are being hosted at private
universities this is three separate entities that are never supposed to touch. This is a big problem. So the
lawyers are like, we got to get this like internet registration thing out of the university as like
fast as possible. Right. So this takes a while. The government kind of puts forward these different
papers for what they want the this like this potential internet registration organization to be.
They're drafting this paper.
They're like, it should be this, and it should do this, and it should have these laws.
And eventually they come up with a paper that basically states exactly what they want this third-party organization to be.
Originally they were like, it should be in Geneva because there's no problems in Switzerland, right? They're so unbiased and all this stuff. By now, this was being handled
by the US Department of Commerce. And of course, the US Department of Commerce, anytime they see
an opportunity for capital C capitalism, they're going to take the chance here. So they basically, within this paper,
developed this way for internet registration to work
that would spur competition.
It would be a whole new industry.
It wasn't just going to be IANA
that people were going to pay IANA
and that was going to work.
It was going to be distributed into different roles.
So this organization comes forward
calling themselves ICANN can the internet corporation for
assigned names and numbers and they win the contract to basically be the organization that
will be this oversight board they create the rules on how internet registration works they
maintain everything and then below them because they're just a governing body they're like a
standards committee in a way there are going to be two different types of registration things. There are registrars, which are companies that
you are almost definitely familiar with. You've got things like GoDaddy, Google Domains, you know,
that name.com, Namecheap. GoDaddy is the largest registrar in the world by now, or right now,
by the way. And basically registrars are just they're the ones
that interface with you where you say like hey i want to register pizza dot pizza you go to go
daddy and they sort of like deal with it but they don't actually like maintain the dot pizza domains
they just handle the the money transfer stuff you know and they they don't register it for you
they're like a broker yeah they're basically like a broker. And registrars have to pay ICANN a little small fee
when they register domains, which helps keep ICANN afloat.
Because remember, ICANN is a nonprofit organization.
And they also have to pay the registries a little bit.
And the registries are probably the guys you have not heard of,
which is Donuts Inc.
There's Pool.comcom there's all of
these registries and effectively what those registries do is they sort of like they maintain
the top level domains right so dot pizza yeah dot fun dot joy dot monster the other names all just
random nouns as well donut and pool they're just flexing so ping pong yeah for
for posterity donuts is now identity digital donuts is cool that literally while we were
reporting the story they changed their name that is the most corporate oh yeah overlord name
possible apparently donuts used to be a play on dns because it's donuts but there's like also
multiple stories have been reported for where this has come from so wow yeah yeah so to me it
seems kind of weird that you can just like you know you can just spin up dot pizza and be like
i'm gonna own dot pizza i'm gonna deal with this and i'm going to make billions of dollars out of nowhere. And it is kind of weird.
I mean, you can just be a registry, right?
But to be a registry,
you are sort of helping maintain the internet
because you're maintaining the.pizza servers.
You have to have a lot of infrastructure ready
to let.pizza work.
So if you decide to own.pizza,
you've got to maintain.pizza. You So if you decide to own.pizza, you've got to maintain.pizza.
You've got to make those servers work
so that.pizza can even be a thing.
Okay, so there was a little give and a little take.
There's a lot of give and, yeah, there's a lot of take.
Little give, a lot of take.
Yeah.
Comparatively.
If there's some gigantic company
that decides to buy a.pizza domain
and suddenly they're running huge businesses and things buy a.pizza domain and suddenly they're running huge businesses and things
on a.pizza server and you're
maintaining all of that for them.
In general, isn't that server just the one that's redirecting
to
being the redirection? No.
But it is sort of like the symbiotic
relationship because ICANN is a non-profit
organization that's just like a standards
committee and
the registries,
when they want to create a new top level domain, say Donuts is just like,
we think there should be a.pizza. They go to ICANN and say that. And then ICANN says,
hmm, interesting. Okay, I kind of like that idea. Hey, all the other registries out there,
are you interested in being the.pizza thing? And then they can bid on that so they can bid on who gets to be the dot
pizza like overlord right you have to put a lot of money into it and then you have to have like
tons of maintenance and stuff okay but it's a it's very much this like kind of um symbiotic
relationship between the people that create the standards for the internet and the people that
create the infrastructure for the internet so while it does seem like a little bit weird and sketchy, you can just spin something up,
it's still good for everybody because that competition that allows donuts to go and say,
hey, we think there should be a.pizza, it allows people like me to spin up.pizza domains,
or like bangersonly.net, leagueoflego.comcom i shouldn't have disclosed that um i might get
sued again i'll beep it out yeah you can beep it out incoming yeah yeah uh so yeah it's not it's
not like necessarily as nefarious as it seems um but while doing a lot of research on the things
that i can actually does and maintains and the rules that they put into place, I started hearing these rumblings and reading these rumblings of this secret meeting called the Key Signing Ceremony that ICANN conducts.
It's the Key Signing Key Ceremony.
sort of just doing like basic research into it and it it everything that i was reading was basically like there are seven different people from seven different countries who every three months all
come together at a secret facility and perform a ritual that takes three to four hours and
everything on the internet was like these are the people that can take down the internet and i was
like what like this is insane this sounds like a j, this is insane. This sounds like a James Bond.
I love it.
It's like immediately picturing like a cauldron.
Yeah.
Yeah, like, okay, seven people from seven different places
all have to physically come to the same location to perform a ritual.
And when you say ritual, you mean like a spreadsheet type ritual?
Well, I didn't really know.
I just, I kept, everything just just said it's a ceremony and it takes
three to four hours and I was like,
is there blood involved here?
And they all have keys, you said?
I'm just imagining this giant wall with these
big keys that they put in and all have to
turn at the same time.
They have these hyper-protected keys that they have to bring
with them to this physical location.
I'm not going to make that up.
They all bring in one different animal
and they all put the animal in a box.
Okay, so there's
keys. Yeah, they bring in these
physical keys that they bring with them from their
country. Imagine forgetting your key.
I made my fight.
I didn't even think about that.
Sorry guys, can't do the ceremony.
I was like, this sounds insane.
And apparently it's been the topic of a CSI episode
and a couple of random ones.
I mean, this is great headline fodder.
Oh, absolutely.
The most clickbaity things.
Like these people could take down 80% of the internet
as you know it tomorrow.
Believe it or not, that's what all the headlines say.
Yeah.
And I was just like, this seems insane
and I want to verify what's
actually going on here.
So, we'll
find out what's going on after the break.
Breaking news coming in from Bet365,
where every nail-biting overtime win,
breakaway, pick six, three-point shot,
underdog win, buzzer beater, shootout, walk-off,
and absolutely every play in between is amazing.
From football to basketball and hockey to baseball,
whatever the moment, it's never ordinary at Bet365.
Must be 19 or older. Ontario only. Please play responsibly.
If you or someone you know has concerns about gambling, visit connectsontario.ca.
Support for the show today comes from NetSuite.
Anxious about where the economy is headed? You're not alone.
If you ask nine experts, you're likely to get ten different answers.
So unless you're a fortune teller and it's perfectly okay that you're not, nobody can
say for certain.
So that makes it tricky to future-proof your business in times like these.
That's why over 38,000 businesses are already setting their future plans with NetSuite by
Oracle.
This top-rated cloud ERP brings accounting, financial management, inventory, HR, and more
onto one unified platform, letting you streamline operations and cut down on costs.
With NetSuite's real-time insights and forecasting tools, you're not just managing your business,
you're anticipating its next move. You can close the books in days, not weeks,
and keep your focus forward on what's coming next. Plus, NetSuite has compiled insights about how AI
and machine learning may affect your business and how to best seize this new opportunity.
So you can download the CFO's Guide to AI and Machine Learning at netsuite.com slash
waveform.
The guide is free to you at netsuite.com slash waveform.
netsuite.com slash waveform.
All right, we're back.
Key signing, key signing, key ceremony, vampires, people eating each other.
Nine mysterious faceless figures emerge from the dark.
Seven key holders of the internet.
Each holding mysterious keys.
Yeah.
This sounded completely absurd.
So I started spamming ICANN with emails.
Nice.
I was like, I want.
As you should.
Yeah.
I was like, hey.
I don't want to get involved in this mess.
This seems a little mysterious.
Oh, I love to throw myself in front of bullet trains.
Fair.
I want to get in the middle of the danger. So I'm like, I want to come to this. Can I come to throw myself in front of bullet trains I want to get in the middle of the danger
so I'm like
I want to come to this
can I come to this
can you let me come to this
and at first they said no
and then I battered them for three more months
and then they said yes
I mean if you hear ritual and then get denied access
you want to go more
I would be like well now I have to go
and it's going to happen every three months.
It's going to keep.
Right.
It's every three months.
And it rotates between an indescript building in Culpeper,
Virginia and an area of LA.
Yeah.
Apparently like right as,
yeah.
Right.
As you leave the LA airport,
there's like these indescript black buildings and nobody ever knows what
they're for.
And this is where this happens.
It's because it's near an In-N-Out.
I mean, yeah. Prove me wrong.
It is though.
Yeah, that's true.
That's what LAX is.
It's just an air
strip surrounded by In-N-Outs.
Ironically, the one that they denied us access
to was in LA and even though I was ready
to just fly to LA and do this. But they rotate so the one that they denied us access to was in L.A. And even though I was ready to just like fly to L.A. and do this, but they rotate.
So the one that they finally said I could come to was the one in Virginia.
And because we live in the New York, Jersey area, it's not completely out of the question to drive to Virginia.
Right.
So Ellis and Adam and I pack into a car and we go to see what's really going on at
the source of the internet.
This explains why you asked me for a hotel room for an undisclosed location.
Yeah.
I didn't want to-
And I said, why?
Yeah, not a lot of people go overnights in Virginia for work for no real reason.
I did say yes.
I did say yes.
And when I was like, where are you going?
You were like, I can't tell you where I have to go.
It's hard to say no to that, I guess.
Yeah.
Yeah.
So, yeah, I didn't want to spoil the podcast. Yeah. Right.
So as you can see, we did not get sacrificed.
Yeah, you're back.
We're still alive.
That's really good.
Yeah.
And it turns out everything that this ritual has to do has to do with DNS, which is amazing because maybe it will answer my question of who owns.pizza, right?
Because I just want to get pizza.pizza.
This is the key to the entire story. The key to the internet is the key to.pizza. The? Because I just want to get pizza.pizza. This is the key to the entire story.
The key to the internet is the key to.pizza.
The seven keys.
Right, the seven keys.
The seven keys.
I almost forgot that this was the motivation for everything is
we need pizza.pizza to happen.
We still need pizza.pizza to happen.
All right, so back in 2010,
a security researcher named Dan Kaminsky
found a major security exploit in dns uh and the exploit
is called dns cash poisoning or dns spoofing do you guys remember when you would see like things
on tv and they'd be like don't connect to rogue wi-fi networks in your um at cafe at internet
cafes and all that or the airport or something. Yeah, or the airport. And people are still putting this kind of stuff out,
but it's not as important anymore.
It doesn't seem as crazy.
There's not as many public service announcements
saying don't connect to rogue Wi-Fi networks.
Effectively, this DNS cache poisoning hack,
how this works is that when your ISP's resolver
is ping-ponging, ping-p pong, ping pong, ding dong, whatever,
bing bong.
Bing bong.
Bing bong.
When it's bing bonging between the name servers and all these different servers,
every time it asks a question to one of these servers, it sends out a query number.
Question number 1,000, and then you answer.
This is the answer to question number 1,000.
Question number 1,001.
Bing. Bing. This is the answer to question number 1,000. Question number 1,001.
Bing.
This is the answer to question number 1,001.
Bong.
Bong.
Right, exactly.
So what happens in this DNS cache poisoning thing is that this nefarious server over here
just sprays out query resolves.
It just sprays out answers to these queries.
So it's like, hey, I've got the answer to query 1,000
through 1,099, and it's just sprayings out answers to these queries. So it's like, hey, I've got the answer to query 1000 through 1099.
And it's just spraying them out.
So if it's able to attach to the query question before this other server over here is able
to give the answer, then your internet service provider server resolver will just be like,
oh, okay.
And it takes that answer.
So nefarious server can just be like, oh, okay. And it takes that answer. So Nefarious Server can just be like...
So Nefarious Server can just be like,
yeah, here's the IP address of the website
that you're looking for, right?
So imagine you type in facebook.com.
Your browser doesn't have facebook.com cache, so it asks your OS.
Your OS doesn't have it cached because you haven't been there in a while.
It goes to your ISP.
Your ISP doesn't have it cached because it hasn't been there in a while.
It sends out that query, and then the nefarious server says,
oh, facebook.com is at this IP address.
It routes you to a fake facebook.com login page.
It looks exactly like the regular facebook.com login page.
You type in
your username and password hit enter and then it forwards you to the real facebook.com and you are
none the wiser that they just stole your information uh this could be a lot even worse if it was like
a bank right bank login page you know they just stole your login info for all of your money. And this was a really, really big issue because the internet is built on trust.
Back in the day when it was just a research project, the internet, nobody had to worry about nefarious actors.
It was literally just the government, universities, and scientists, and they were just sharing information.
It was like literally no one worried about this.
It was the good old days.
The good old days the good old days yeah but as soon as money is like added to any sort of thing as as soon as
there's money to be made yeah there's going to be nefarious actors that try to steal your
information and your money right um so i can was like all right this is a huge problem because
the entirety of dns is built on this and because the internet is built on trust, imagine like 50% of the time you have no idea, or actually all of
the time, you have no idea whether or not when you go to facebook.com and it has you log in,
if you're logging in or if you're literally giving away your information, nobody's going to use the
internet if nobody knows if it's secure. Like that's just a core part of it. And I think a lot
of people think about, you know, oh, I'm this little guy, this random person.
Nobody wants to steal my information.
But it's not even about that.
It's like the biggest websites on the internet are just going to be continuously targeted,
and all of the information of everybody is just going to be stolen.
The internet organizations and ICANN are like, well, we want people to keep using the internet,
and they're not going to use it
if they think their info is going to be stolen.
So we need to figure out how to patch this, right?
DNS works in a very specific, elegant way
and they don't want to change up
the way that DNS works completely
because this is like, you know,
it's the way that things have been going for a long time
and it works really well.
So what they decide to do is add public key cryptography
to the DNS system. Do you guys know how public key cryptography works really well. So what they decide to do is add public key cryptography to the DNS system.
Do you guys, do you guys know how public key cryptography works? Nope. Nope. Let's talk about
basic cryptography really quick. So here's an example. I want to send you a message, right?
But I don't want anyone else to be able to like, just take that message. So back in the day of
like spies and stuff, you know, you could like,
you could encrypt a message with some algorithm and then meet someone in a park, give them your letter. And if they also have the algorithm, say that you had the algorithm on a USB drive and you
give them the USB drive, they could then like decrypt it on their end. But with the internet,
when you're sending information over the internet that encryption
key is what it's called it's called an encryption key you can't send someone else the decryption key
because then you have to encrypt the decryption key it's a recursive problem right it's this
layered problem so what they came up with was this thing called public key cryptography and basically how this
works is that every website has both a public key and a private key you can think of the keys as
just encryption algorithms right every website's private key is something that only they know like
nobody else is supposed to be able to get access to the private key, but they distribute their public key all over the internet.
So when you request Facebook.com, you have the public key for Facebook.com, right?
But only when you say, here's the public key for Facebook.com, only when the private key
interacts with the public key of Facebook.com does it actually decrypt the data and give
you the data, right?
with the public key of Facebook.com does it actually decrypt the data
and give you the data, right?
And that way, if a nefarious actor
was able to inject the fake IP address
of fake Facebook.com,
when your public key interacted
with fake Facebook.com,
it would not be able to decrypt the information
because it doesn't have the public key there.
Does that make sense?
Yeah, so it wouldn't match.
Yeah.
So when you create a public key and a private key for a website, specifically when you create a private key for
a website, that's what's considered a website being signed. And you've probably seen this in
your browser before you, you have this little lock on a site and it says like this website is
signed. This website is secure. You've also seen HTTPS versus HTTP. That means that website is signed.
Secure.
Is that what the S stands for?
Yeah.
Hypertext Transfer Protocol signed.
I think it's secure.
Secure.
Usually there's a lock or something.
Yeah, it's a little lock.
Yeah, yeah.
So HTTPS means that they have a private key.
So it means you can be sure that when you access this website,
it's the real website.
Go to mkbhd.com.
We got a little lock.
Right. We used to not have it, and we used to get a lot of that. We added the lock this website, it's the real website. MARK MANDELMANN, You go to mkbhd.com. We got a little lock. MARK MIRCHANDANI, Right.
It's shop.
MARK MIRCHANDANI, We used to not have it.
And we used to get a lot of that.
MARK MANDELMANN, We added the lock for that.
MARK MIRCHANDANI, Oh, really?
MARK MIRCHANDANI, Yeah, yeah, yeah.
MARK MIRCHANDANI, Got a nice lock there.
MARK MIRCHANDANI, Years ago, yeah.
MARK MIRCHANDANI, It's hypertext transfer protocol secure.
MARK MIRCHANDANI, Secure.
There it is.
MARK MIRCHANDANI, Yeah.
MARK MIRCHANDANI, Beautiful.
MARK MIRCHANDANI, Yeah.
MARK MIRCHANDANI, Cool.
So now, ICANN, for a number of years,
has been trying really hard to get more, basically since 2010,
to get as many people
to move over to this public key cryptography methodology as possible. A lot of the original
top level domains, they're still trying to get to move over. Even the country code domains,
you know, like TV for Tuvalu, some of those are not signed.
Wait, what? TV's what?
Oh, I didn't explain this earlier.
TV is not.
Sorry.
Okay, sorry.
So Twitch is based in Tuvalu?
Yeah.
So, okay.
No, this is actually amazing.
I know this is a side tangent, side note.
I thought TV, television, so I'm lost.
No, okay.
So when they created all of the non-generic top-level domains,
.com,.org,.gov,.net, that kind of stuff,
they also created country codes for all of the countries.
And actually, they're not specifically just countries.
They're areas of economic interest.
So IO, guess what IO stands for?
It's not input, output. No. Okay. Guess what that stands for? It's not input output.
No.
Okay.
Guess what that stands for?
And everyone uses it as a tech website because it's like IO, input output.
Yeah, yeah.
It's a region.
It's an area of economic interest.
Indonesia.
No.
Iowa.
Country cuts.
It is the Indian Ocean.
Oh, wait, what?
Okay. The ocean. So if there's enough, all right. Yeah, the Indian Ocean. Oh. Wait, what? Okay.
The ocean.
So if there's enough...
All right.
Yeah, ICANN is not the UN, right?
They don't want to be the ones that are designating what's a country and what's not, because that
gets really complicated really fast.
There's wars being fought about that.
Exactly.
So you just define regions instead.
Regions of economic interest.
Sure.
Areas of economic interest.
Okay.
So basically, ICANN just distributes all of these country code domains, and they allow
the countries to maintain them.
So Tuvalu is an independent nation.
Okay.
But ICANN has given them the.tv because it's Tuvalu.
That's a big responsibility for that small region.
Well, it's a huge moneymaker for a lot of these small regions.
Oh, okay. Yeah, it's a huge moneymaker for a lot of these small regions. Oh, okay.
Yeah, think about this.
Dot GG,
that's like all gaming websites.
Discord.
All their hyperlinks are dot GG.
Like we have MKBHD.gg,
I think is our Discord link.
Something along there.
Yeah, GG is Guernsey.
Right?
It's like these are actually
areas of economic interest.
So a lot of countries and areas of economic interest make a lot of money off of being
able to just sell these top level domains.
And the ones that have handy ones like.tv or.io or.gg, they make a lot of money at
this.
Which is great for them, especially small island countries.
Shout out to Tuvalu.
Shout out to Tuvalu.
All our Tuvalu fans out there.
Gotta go visit the home of Twitch someday.
Yeah. Our next road trip, we're gonna ask to go to Tuvalu. All our Tuvalu fans out there. Gotta go visit the home of Twitch someday. Yeah. Our next road trip, we're gonna ask to go to Tuvalu.
A long road trip.
Okay, so anyway, let's get back to what happens at these ICANN key signing key ceremonies.
Let's talk about that.
Right?
What happened?
Yeah, so we drive all the way to Virginia.
We stay in a little hotel.
So we get up in the morning at our hotel. We, we you know have some breakfast and we start driving into the countryside and towards this
secure location right okay we're driving up this road and we start seeing little cameras just
peeking out on this dirt road and we're filming and we're like we should probably stop filming
so we like immediately stop filming and we're just going
up this dirt road and there's just more cameras as we're going up the road and we end up at this
giant like facility with this like big gates and cameras pointing in different directions
and we drive up to the gate and they're like what are you here for who goes there yeah basically
we're just like uh we're guests for the I Can Key Signing Key Ceremony.
And they're like, hmm.
And they go talk to people and they come back and then they unlock the gate and we go in.
Wow.
Yeah.
And it was like, hmm.
So you're not allowed to film anywhere leading up to the building or anywhere in the building except for in the secure room in which the key signing key ceremony takes place.
Right?
It's a good rule.
Yeah, which is a good rule because making something like digitally unhackable is basically impossible because people
will always find a way to hack it but making something you know physically unbreakable is
pretty pretty doable doable yeah yeah yeah exactly so this is why they do this so we go in we go
through multiple layers of security we have have to show them these QR codes.
They have like, not for us, but for people who have done this a lot, they have iris scanners,
they have thumbprint scanners.
This is everything I was dreaming of.
Oh yeah.
This is like secure, secure.
Because again, this used to be under the US government.
This used to be under the US Department of Commerce.
And it was only at the very end of Obama's administration that he spun it off.
He canceled the contract with the Department of Commerce, spun it off to be its own independent
organization.
So they still maintain most of the government security protocols that they had at the time.
So we follow them through these rooms and we have lunch.
We have very nice sandwiches.
And then we go into this super secure room. And even just to get into the
room, we were with all these key holders, right? Now, one thing to note that the internet got wrong
is that you don't need all seven of the key holders of the internet to be there at every
single meeting. You only need like a few. They invite most of them because they're all from different countries. And by the way, most of them because you know they're all from different
countries and by the way none of them are like most of them are not employed by i can they're
just security researchers from all around the world so they do this like willingly and they
have to like take time off and fly to america to like perform this ceremony so we walk in after we
go through all these security protocols people are using iris
scanners thumb prints and even to just to get into the room you have to have two separate people scan
these key cards to allow them to enter the room you have to sign in every time you enter the room
like the amount of like tracing to know when anyone has done any action is like insane right
it's totally insane um so we go into this room and the room is kind of wild
because there's a seating room where everyone sits
and then there's like a front desk area for people,
for the person that is administering the meeting
to like call the meeting to order and do everything.
But there's also just a giant cage next to you.
And within that cage is like two safes.
And effectively what's happening during this key
signing key ceremony is that ICANN is signing the root zone and the root zone are the servers that
your ISPs resolver or recursive server. It's the first thing that your ISPs resolver asks for an
IP address. So if the root zone is signed that basically means that
that first jump that you went to in the dns system to like ask for where this ip address is
is also secure so just like a website becomes secure that whole zone of saying like i'm telling
you where to go you can tell you can you know that the information that I'm telling you where to go, you know that the information
that it's telling you where to go
is the real information, right?
Okay.
So if ICANN is able to do that,
your ISP will pretty much never get false information.
Because even if your ISP is sending out query numbers
and this nefarious server is sending out bongs,
wow, that doesn't, sorry.
We'll do that again.
I always say things and then they become inappropriate and I don't, I like never, I never like think about them.
Anyway, even if your ISP is sending out query numbers
and a nefarious server is sending out responses
to those query numbers, it uses the same cryptography
to know this response is legit, right?
So now when you spin up a new top
level domain i can requires that that top level domain is signed and that everything that comes
from that top level domain is signed but a lot of the originals have not been signed yet and
they're trying to get more people to sign them but this ritual is basically made to every three
months re-sign the root zone.
So anyway, yeah, all these people are from different countries and to perform any action
requires at least two to three people.
So to get into the cage, two people have to scan into the cage.
And then other people have different jobs where like only one person knows the code
to one safe.
Only one person knows the code to the other safe.
They open the saves.
Only one person knows the code to the other safe.
They open the saves.
They build a computer on the desk of the guy that's administering the whole ceremony.
They literally have a laptop that is just a shell.
They have to put in the battery.
They have to put in like all of these different parts of the computer.
They boot the OS off of a DVD.
Like everything, they have a power cable that like only goes into a certain area.
Like everything about this computer is air gapped,
which means it's like not connected to like the internet.
It has it,
they de-build it and rebuild it every time they do this.
That's awesome.
It's crazy.
That's really cool.
Isn't that awesome?
Yeah.
And then what they do after they go through all this cage stuff and all these,
all this stuff and then they build a computer is they have this thing called an hsm or a hardware security module basically what this hsm
is is it's a key generator that also needs people with key cards to put their key cards into just to
turn on and then that key generator algorithmically signs all of the root zones it creates new crypt cryptographic keys for all of the root zones that last for the next three months.
Yeah.
So it's this insane process, right?
And the crazy thing about this is there's maybe 15 people in the room.
Every single step that goes through the ceremony, every person in the room has to sign off that that happened exactly as it was supposed to, because they distribute the, uh, the script for the ceremony
way before the ceremony even happens. You can see it on the internet before you even do it.
Every single little task is like specifically test number one, test number two, test number three.
And it goes just, just like, it's like three to four hours of ceremony right so every person
in the room is like yep i agree that that worked the way it was supposed to yep i agree that worked
the way it was supposed to and there's just like no way for any one two three four nefarious actors
to like mess up yeah the key signing ceremony right it's like every single perceptible way
that they could get people to one person could say, I don't think you did that right.
And that actually happened at our ceremony where like one thing happened incorrectly and a couple people were like, wait, wait, wait, do that.
Oh, and they fix it.
And it's wild.
you know being able or having to like go to this this undisclosed location or secure facility and then not being able to film leading up to all this stuff oh
you can see the document here Ellis brought it in this is the key signing
key ceremony script look at the amount of pages in this 34 page double-sided
document normally this takes about four hours.
Our ceremony took three, and they were like, I think that's a record.
They were so excited.
The audit cameras are recording, and the online video streaming is enabled.
Confirm that all the ceremony attendees have signed in using the visitor log in Tier 3.
So a lot of it is really technical like that, but then if you go, I believe it's Act 9, Step 6.
Should be towards the back uh they get much more light-hearted towards the end ceremony participants take a group photo
that's it six nine there's six nine nice nice they got the memes too
very nice there's not i hope you might have said this while i was out of the
room but the,
you know,
the whole thing is like part of a public record.
Like you can go on YouTube and watch key signing key ceremony number 47.
And we're in it.
Welcome as well.
David Immel.
Here.
Ellis Roman.
Here.
And Adam Molina.
Here.
Great.
And so in the beginning,
there's a step where everyone introduces themselves.
And when they're like, all right, the YouTube guys, let's have them stand up and introduce themselves.
And on the public record, as we stand up, one of the administrators goes.
Smash that like button.
Smash that like button yeah so so yeah the incredible thing about this actually is that with how insanely secure all of
these steps are right it's actually security through transparency because they actually
live stream this entire process on youtube while they're doing it with the comments on.
Wow.
They have seven different camera angles.
One that's pointing directly down at the hardware security module.
One that's pointing at the audience.
One that's in the safe.
One that's this direction in the safe.
One that's doing this.
Like, they show you as many angles as physically possible.
They're using like a black magic switcher to just like, you know.
It's crazy because they're so public about everything.
But because there are so many places
to stop these potential points of failure,
just because you need a number of people
to sign off on things,
it's actually one of the most secure
possible things there is.
They're like putting it all out there.
They're like, this is how it works.
This is exactly the scripts.
This is what people need to be there to do the thing. But, but you can't break, you can't break in. Like it's literally impossible to break in
verified from every angle. Yeah. Wow. Um, so it was a pretty, it was a pretty crazy experience.
And what's crazy is that they're supposed to rotate the key holders out. You know,
it's like every few months, the key holders are supposed to rotate out or something like every
few ceremonies. Um, but they never really ended up doing it.
And then they were going to retire.
A couple of people were going to retire in 2020, but then they didn't because of COVID.
And so the ceremony we were at was the first ceremony where anyone ever retired.
And so two people retired at that ceremony.
It was like really emotional.
And like, I don't know, Ellis and Adam and I I we were like it felt like like a summer camp
kind of thing because we're in this room
with all these people for three and a half hours
we have lunch together we have this debrief
afterwards where and everyone's
like all right do you think that could have gone smoother
what could we have changed like what can we change
in the script next time and they retire
this people and it's just like everyone's
starting to get so emotional it's really weird
that's awesome so anyway you became the new key holder uh i actually the keys i asked if i
could be a key holder and they were like you go through a rigorous process of deciding who is
going to be a key holder yeah so basically background check you for yeah everything you
can apply and like we talked one of the people that retired was someone from Sweden and she was getting replaced by a new person from Sweden.
And we asked the new person from Sweden like oh like you know what do you do and she's like oh I've been in the cyber security industry for 30 years or something like that.
It was like she was like really insane.
Her credentials were crazy so like they go through like a rigorous vetting process um just to be able just because they want to make sure that anyone that is doing this stuff
knows what they're doing um so you don't have what it takes probably not probably not um so anyway
yeah it it ended up being kind of crazy because the DNS system is this thing that we all use
every single day.
We all assume that it's safe and secure and that when you go to a website, it's the real
website and people wouldn't use the internet if this didn't happen.
And these people who meet every three months and have sandwiches together in a secure facility,
they basically keep the internet safe.
together in a secure facility, they basically keep the internet safe. Like it is not necessarily true that they could take down the internet because they are just like signing the root zone and
making sure the internet's safe, but they, they are, they could kind of take down the internet
in the sense that you wouldn't use the internet because every single popular website would be
compromised. Potentially. Right. And it's just, it's crazy that this happens
and nobody knows about it.
The heroes we need, but not the ones we deserve.
Absolutely.
And they were the nicest people ever.
It was crazy.
So I guess to wrap this all up,
I do get, I guess it does feel slightly sketchy
that Donuts owns so much of the internet,
but it's also under the oversight
of a nonprofit organization
whose goal is to keep the internet safe. And it's a symbiotic relationship between private companies
and like oversight boards. And I don't know if there's a better model for this.
They've thought about moving these ICANN ceremonies to different countries, obviously,
because the internet sort of used to
be a US research project, but now it's owned by everybody. It's not even under the Department of
Commerce anymore. And the fact that the meetings happen in LA and Virginia is a little bit US
centric. So they're thinking about moving them. But I feel a lot more secure about the fact that
there's not some nefarious overlords that are kind of
running all this stuff you know there have been registrars who the people that run on registrars
have gotten in a lot of legal trouble for like selling domains before i can even said they were
like available and there have been random nefarious bad actors but overall i think it's something that
is just technically good for everyone.
And the last thing I got to note is that the irony of this whole story
about who owns pizza.pizza
is actually completely kind of wrong in the first place
because when I did that who is lookup
to find out who owns pizza.pizza,
I just missed the guy that owns pizza.pizza.
I just completely missed
his name. Uh, Ellis found it and Ellis emailed him and, uh, perfect ending to a David Ellis.
Six months later,
Ellis, do you want to tell them about the email? Sure we found out um pizza pizza we found it for sale on a domain auction site um pizza dot pizza is uh listed for
you want to guess how much pizza dot pizza costs yeah i do you want to guess uh we get a trivia
point one-time fee i'm gonna guess is 150 dollars wait i guess my question is do you pay yearly or
do you pay one-time fees there's an option to own it forever and there's an option to lease it per
month we're guessing own it forever own it forever yeah
1 000 neither of you are even remotely close i don't even know what you guessed what'd you say 150 guys so pizza
think pizza think of the power of the value i don't want to tell you right now so if you want
a pizza pizza took six months to research your project the name was right in front of them
uh it wasn't okay it wasn't in the who is look up because this the dude who owns it
made sure to redact all of his information.
I did find it on this domain auction site, though.
If you wanted to lease Pizza.Pizza, it would cost you about $200,000 a month.
Or you could have it for the cool price of $10 million.
Don't do it.
So Ellis decided to email
the owner of Pizza.Pizza.
Yeah, we'll put these emails up
for the video and I'll read them for the audio listeners.
But I said, hey, what's up? My name's Ellis.
I'm a producer on a podcast.
We're working about top-level domains.
I saw you own Pizza.Pizza.
Could we just talk?
I just want to know who you are, what you're about,
why you picked Pizza.Pizza. Could we just talk? I just want to know who you are, what you're about, why you picked Pizza.pizza.
And I got this email back.
Hello.
Thank you for your interest until I have nothing to say.
Thank you.
So wasn't down to talk.
Guess he just wants his cool 10 mil.
I just wanted to know why he owns Pizza.pizza.
Is it that hard of a question?
I mean, if I had something even just up for sale for $10 million,
I'd consider that worth owning.
Do we think he paid way more than that or way less than that?
No.
He definitely paid way less than that.
I would guess because during the.com boom,
when it was still pretty easy to get domains,
people were just parking as many domains
as they physically could yeah he's hoping he's hoping a big corporation comes along and they
have like an ad campaign where they're gonna do pizza that pizza yeah ads and they go well i guess
we'll have to spend two hundred thousand dollars and buy it from this guy who else do we know that
does things like that it's only twelve dollars a a month, a year. A year, $12 a month.
A dollar a month, Adam.
My portfolio is pretty good.
I am waiting for Lego Corporation
to come to me and just buy it for me,
but instead they decided to sue me.
So I, you know.
I think that's what happens
when they see the price tag.
That guy's not going to get $10 million in Pizza Hut.
Okay. There's no way. I'm going to tell, okay, just maybe we'll use this in a clip or maybe this will see the price tag. Maybe. That guy's not going to get $10 million in Pizza Hut. Okay.
There's no way.
I'm going to tell, okay, just maybe we'll use this in a clip or maybe this will be the
end of the podcast.
I just want to tell you guys about my League of Legos website.
Okay.
So.
Legos is a copyrighted word.
Yes.
Well, that's what you think.
So, okay.
So, Legos.
I had this great idea.
Do you guys know what a MOBA is?
Mm-hmm.
I do.
It's an acronym for...
I'm not 100% sure on the acronym,
but League of Legends, Dota, all those different ones.
Multiplayer Online Battle Arena?
Correct.
Multiplayer Online Battle Arena.
Okay.
League of Legends, Dota 2, that kind of stuff.
Now, in these MOBA games, it's usually 5v5 or 3v3,
and there's a lot of heroes in the game, right?
So usually they have themes.
League of Legends is like, you know, they create heroes.
The hardest part of making a MOBA is building a hero that is unique
and also balanced and also has a background and a story.
So most of these MOBAs only release one hero per year, right?
Dota only releases one to two heroes per year because character development is a lot, and
then they also have to create skills and have them balanced and all this stuff.
So what is the one company that has access to unlimited IP?
Just unlimited.
They have partnerships across the freaking globe. McDonald's.
Crocs. Disney.
Nintendo. Lego.
Oh my god.
Nike. Did I not cue this up?
Adidas.
Oh, the metaverse.
The metaverse? Oh my goodness.
So, Lego Corporation, if you go to any
store, you got Harry Potter
Legos. You've got New York City Legos, you've got Avengers Legos, and every single possible IP has made
a Lego set because it's a win-win situation for both companies, right?
So not only do you already have the 3D CAD models of these little minifigures, you can
just make, it already makes sense for lego to have
like a moba game but the fact that you can use any ip in this moba game means that you don't have to
like put a ton of effort into the character development and background stuff of this
character it seems like the most obvious thing ever right so uh i purchased leagueoflego.com and leagueoflegoes.com
because i wanted lego to reach out to me and pay me and said they reach out to me and sued me
but allegedly allegedly that's what you wanted well okay so but i have a really great way to
get out of this okay so in the event that they actually take me to a physical court, I'm going to
start a Irish pub. Whether or not it's in the real world or in the metaverse, who's
to say? But you know how Irish pubs and local pizza joints and these kind of places, they
sponsor local sports teams?
Yeah. sponsor like local sports teams yeah you know so imagine my irish pub oflego's irish pub right
oflego's irish pub sponsors a children's soccer team and they call it league of flecos right
league of flecos wait so the league has a bunch of the same team called flecos it's a they they
they know it's oflego's sponsoring one team but now there's's a, they, they, they, no, it's O'Flegos Irish Pub.
You're sponsoring one team,
but now there's a league
of only one team?
they could sponsor
a whole soccer league.
I'm just poking some holes
in here,
so I need to make sure
you're ready
for the Lego lawyers.
We'll just say they,
they,
dude,
the Lego lawyers
do not mess around.
I mean,
a league has to have
more than one team,
so the problem here is,
I think you need to create
a sport called O'Flegos.
Unless,
unless,
well,
we can just say they sponsor a whole league.
What if it's like a series of sort of randomized teams where each person plays a role,
and maybe each role has a specific skill,
and we can call them champions?
I like that.
It makes people feel like they're winning.
Yeah, yeah, yeah.
True, true.
Champions, heroes.
And it's a video game? I don't know about that. You know, it makes people feel like they're winning. Oh, yeah, yeah, yeah, yeah, yeah. True, true. Champions, heroes. And it's a video game.
I don't remember what that.
Anyway, anyway.
So, yeah.
So, the moment that I get more than a cease and desist letter, I plan to spin up the Irish pub in the metaverse.
For the lawyers.
The Lego lawyers.
I think it's a full fruit plan.
And that's the end of the podcast.
Almost.
Okay.
So, anyway.
So, yeah. plan and that's the end of the podcast almost okay so anyway so yeah so now now now um who
owns dot pizza dear listeners we own dot pizza we own dot pizza we own dot pizza we own dot pizza
we own dot pizza are you asking me to type we own dot pizzaizza? Oh, yes, I am. I just typed davidamelowns.pizza.
Oh, my God.
We own weown.pizza.
We own weown.pizza.
We own weown.pizza.
We own weown.pizza.
How'd you get this picture of me?
Anyway, that's the end of the podcast.
I hope you guys learned something about the domain name system and the insane world of
ICANN.
Many of the people at ICANN told us that if we were able to make a podcast that they could
show to their kids so that they knew what they did for a living, it would be beneficial.
I'm not sure if this helped, but if it did, that'd be great.
I did learn a lot, yeah.
I learned a ton.
I'm probably going to learn a ton again when I re-listen to this
because there's a lot of information.
But I have one short burning question at the end.
Hit me.
The pizza you had that night when you developed all of this,
was it just like not satisfactory
because you had so much on your brain after ordering, before ordering?
That night that I wanted to order a pizza?
Well, you were originally ordering pizza, correct?
Well, I wanted to.
You never ordered pizza that night?
Oh my god.
Are you serious?
Oh my god.
You totally left that out.
I should have guessed that.
I should have guessed you never.
Did you guys just not eat that night?
We've been working on this story for six months
and you never told me that.
We actually didn't have dinner that day.
I fell too deep into this rabbit hole and then it was like 11 p.m., and we just kind of.
It's only right.
Oh, that was perfect.
It's only right.
Yeah.
Anyway, yeah, thanks for listening to the Waveform podcast.
Also, we got to give some special thanks to the people that were helping us out over at ICANN.
Patrick showed us around on his day off.
Andreas and Aaron helped us and were amazing
and guided us through the whole process.
Gwen hooked us up with the ICANN stuff in the first place
after I pestered them for multiple months.
Vince Cerf and Steve Crocker,
who helped build the internet in the first place,
they came on and did interviews with us,
and that was super useful.
Appreciate that.
And Kim Davies, who is now the new IANA,
the new Internet Assigned Numbers Authority, was not physically at the event with us, but he was on the iPad.
It was like a little virtual head.
And he's in the photo on the iPad as a virtual head.
Thank you, everyone.
Thank you.
Also, thank you to Vox Media Podcast Network, Adam Ellis, David, and Vane Sill for creating our intro to our music.
Close enough.
Peace.