February 22, 2017. @pfrazee
DNS shortnames for Dat were not possible until Beaker 0.6.1.
We needed a secure way to transmit a DNS mapping for non-HTTPS sites. Originally we used DNS TXT records, but the lack of authentication made the lookup easy to MITM. We considered DNSSEC, but due to limited deployment and difficult setup, we felt that was the wrong solution.
We opted for DNS-over-HTTPS instead.
How it works. When a Dat URL with a shortname such as dat:// is loaded, Beaker makes a GET request to https:///.well-known/dat. The response looks like this:
Beaker loads the URL from line 1, and then caches it for the number of seconds specified by the
TTL line 2. This is used by DatHTTPD to host sites over Dat and HTTPS at the same shortname.
DNS for Dat!
DatHTTPD is a static server for Dat and HTTPS. It rehosts dats so that you can visit https:// or dat:// and get the same content.
How it works. DatHTTPD joins the swarm for the sites it’s hosting, then creates an HTTPS server for each site and hosts them at separate domains. It uses Lets Encrypt to provision TLS certificates automatically. The
/.well-known/dat file is served for each domain.
How to use it. Host your Dat site locally using Beaker or the Dat CLI. Setup a VPS and point your DNS entry to it. Then create a config file at
letsencrypt: email: '' agreeTos: true sites: : url: dat:///
npm install -g dathttpd dathttpd start
The server is now running. Traditional browsers can visit https:// and Beaker can visit dat://.
When you publish updates to the Dat sites, DatHTTPD will automatically sync those changes from your device.
DNS-over-HTTPS enables Beaker to load Dat sites with shortnames, and DatHTTPD lets you host sites over Dat and HTTPS.