We’ve discussed the Stop Online Piracy Act (SOPA) at some length, but haven’t said much about the serious technical problems with the bill as it’s written. Depending on how it’s implemented, SOPA could demolish the cohesive structure of the internet by damaging the core functionality of the Domain Name System (DNS). As written, SOPA tasks ISPs with preventing US internet users from accessing a site that’s been deemed to contain infringing content by preventing their browsers “from resolving to that domain name’s Internet Protocol address.”

The question is, how might that sort of blocking actually be accomplished? Existing legal structures already allow the government to petition Verisign to remove the DNS records that resolve to any given website (we’ll use pirates.com as an example). The government could also seize pirates.com under existing asset forfeiture law. Alternatively, if an infringing site were hosted by a US DNS provider, the government could ask that provider to terminate service. In this last case, the site could still migrate to a different host.

All of these methods are already allowed under existing US law and have been used in the past. The third option, as described by Dyn and reportedly contemplated by SOPA, is the creation of restrictive DNS blacklists. Before diving into these, let’s discuss how DNS actually works.

DNS is what enables your web browser to find any given site using a text string instead of an IP address. Each client requests information on where to find a particular domain from the DNS server it connects to. Type in “pirates.com,” and your web browser communicates with your ISP’s DNS server, which informs it that the IP address for that site is 12.130.102.11. Your web browser directs you to the IP address while displaying the typed domain.

So far, so good. The problem with SOPA is that the only way to block US users from visiting certain websites is to create a list of disallowed addresses, then block only US citizens from accessing them. For a practical example of how this impacts web traffic, consider airport security before and after 9/11. Before 9/11, airport security was little more than a brief stop. Now, it takes long enough that airports across the country have installed long queues to fit a sufficient number of people into a space that once held just a fraction of their number at any given time. This continues to be the case, despite a massive increase in the number of security personnel deployed at the terminal for screening purposes. As the map of the internet (pictured below) illustrates, that’s a lot of traffic to be filtered.

The second major issue, as Dyn discusses, is the question of how these lists are to be maintained, communicated, and adjusted. Any attempt to maintain a comprehensive blacklist could turn into a game of chicken between foreign DNS providers registering new domains and copyright holders’ attempts to block US access.
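To make the lookup and the blacklist concrete, here is an added example (not code from this article or from Dyn) that builds the DNS query a client would send for pirates.com and passes it to an in-process resolver that consults a blacklist before answering. The blacklist contents, the example.org record, the function names, and the choice to answer blocked names with NXDOMAIN are all assumptions made for illustration; no network traffic is sent.

```python
import socket
import struct

# Constructed sample data: the article's example name and address, plus a made-up blacklist.
ZONE = {"pirates.com": "12.130.102.11", "example.org": "192.0.2.10"}
BLACKLIST = {"pirates.com"}

def encode_name(name):
    """Encode a dotted name as length-prefixed DNS labels (RFC 1035)."""
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".")) + b"\x00"

def build_query(name, txid=0x1234):
    """Client side: one A/IN question with the recursion-desired flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def read_name(msg, pos):
    """Decode an uncompressed name starting at pos; return (name, next offset)."""
    labels = []
    while msg[pos]:
        labels.append(msg[pos + 1:pos + 1 + msg[pos]].decode("ascii"))
        pos += 1 + msg[pos]
    return ".".join(labels).lower(), pos + 1

def filtering_resolver(query):
    """Resolver side (hypothetical): answer from ZONE unless the name is blacklisted."""
    txid = struct.unpack("!H", query[:2])[0]
    name, end = read_name(query, 12)
    question = query[12:end + 4]  # name + QTYPE + QCLASS, echoed back in the reply
    addr = None if name in BLACKLIST else ZONE.get(name)
    if addr is None:
        # RCODE 3 (NXDOMAIN): here a blocked name looks the same as a missing one.
        return struct.pack("!HHHHHH", txid, 0x8183, 1, 0, 0, 0) + question
    # Answer: pointer to the name at offset 12, type A, class IN, TTL 300, 4-byte address.
    rr = struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + socket.inet_aton(addr)
    return struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0) + question + rr

def resolve(name):
    """Client side: send a query and return (rcode, address or None)."""
    reply = filtering_resolver(build_query(name))
    flags, _, ancount = struct.unpack("!HHH", reply[2:8])
    addr = socket.inet_ntoa(reply[-4:]) if ancount else None
    return flags & 0x000F, addr
```

With this response choice, the client cannot tell from the reply alone whether a name was filtered or never existed, which is part of why maintaining and communicating such lists matters.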
