-
The internet addresses we use daily (e.g., *something.com, something.org*) are just a part of the internet called the DNS [root zone](https://icannwiki.org/Root_Zone#), which is essentially a hierarchical database of all the names you can access on the internet (similar to a telephone directory). Currently, the only root zone we know is the [ICANN root zone](https://www.icann.org/root-server-system-en). Nobody refers to it as the ICANN root zone or ICANN domains because it is inherently the only root zone people know, so we simply call it the Internet and domains. The ICANN root zone is extremely convenient; having a centralized and unified root zone makes life easier for people, and it will remain the main root zone on the internet for the foreseeable future. However, the internet is not meant to have only one root zone. While the ICANN root zone has its advantages, it also has some drawbacks. This is where [alternative root zones](https://en.wikipedia.org/wiki/Alternative_DNS_root), which experiment with different trade-offs, make sense. Handshake is an alternative root zone based on a decentralized peer-to-peer network, offering a different set of trade-offs compared to the ICANN root zone. The following table highlights the main differences between the ICANN and HNS root zones: |**Feature**|**ICANN Root Zone**|**HNS Root Zone**| |:-|:-|:-| |**Governance**|Centralized (ICANN)|Decentralized (Peer-to-peer)| |**Domain creation**|Requires ICANN approval|Permissionless and auction-based| |**User Interaction**|Only through specific registries|Directly on its blockchain| |**Infrastructure**|Traditional DNS root servers|Blockchain-based| |**Resolution**|Native support in browsers and systems|Requires custom resolvers or tools| |**Trust Model**|Trust in the ICANN|Trustless, cryptographic verification| |**HTTPS setup**|Certificate authority|[DANE](https://blog.htools.work/posts/stateless-dane/)| |**Purpose**|Corporate and State sovereignty; Stability|User sovereignty; Experimental| ## How to access the HNS root zone Now you know that the root zone you’re familiar with is the ICANN root zone, which is universally supported by operating systems and browsers. But what if you want to own a Handshake domains or want to access Handshake addresses to explore what’s in the Handshake root zone? Essentially, you have a few options: **1. PC and desktop** You have a few options explained here: [https://learn.namebase.io/development/resolving-handshake](https://learn.namebase.io/development/resolving-handshake), but the recommended one is **Fingertip,** a resolver created by Impervious that enables you to trustlessly resolve Handshake names: * [https://impervious.com/fingertip](https://impervious.com/fingertip) * [https://github.com/imperviousinc/fingertip](https://github.com/imperviousinc/fingertip) If your certificate expires at some point, usually after one year, you can either replace the certificate with a new one or delete the folder where the certificate is stored (on Windows, it should be located in a path like `Users\yourname\AppData\Roaming\Fingertip`). After deleting this folder, the next time you restart your computer, Fingertip will prompt you to generate a new certificate. Simply say yes, and that’s it! **2. Smart phones and other devices** For mobile phones and such the easiest and more convenient way is [HNS DoH](https://welcome.hnsdoh.com/), the DNS over TLS option. **3. Explore the Handshake Root Zone** * [https://www.niami.io/](https://www.niami.io/) or [https://niami](https://niami) * [https://hns.cymon.de/](https://hns.cymon.de/)