[cryptography] DNSNMC replaces Certificate Authorities with Namecoin and fixes HTTPS security

Kelly John Rose iam at kjro.se
Sat Dec 21 18:38:52 EST 2013


This is my concern as well. Part of the current system is the cost of
entry. If there is no central authority, and all people can simply create
teh domains they want, then there will be the very serious issue of someone
going to the microsoft in that domain name space and not getting microsoft,
but getting an imposter.

Or worse, someone going to Bank of America and getting an imposter.


On Sat, Dec 21, 2013 at 4:04 PM, Eduardo Robles Elvira <edulix at gmail.com>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> On 21/12/13 20:49, Greg wrote:
> > Hi list,
> >
> > DNSNMC fixes the authentication problems previously described, and
> > it addresses all of the problems that with the previously mentioned
> > proposals. It does this first by combining DNS with Namecoin (NMC),
> > and then by encouraging a “trust only those you know” policy.5
> >
> > “Namecoin is an open source decentralized key/value registration
> > and transfer system based on Bitcoin technology”.[16] Namecoin
> > “squares Zooko’s Triangle”, meaning, it makes it possible to have
> > domain names (and other types of identifiers) that are:
> >
> > Authenticated: users can be certain that they are not speaking to
> > an impostor
> >
> > Decentralized: there is no central authority controlling all the
> > names
> >
> > Human-readable: names look just like today’s domain names
> >
> > However, by itself, Namecoin does not provide the means by which
> > ordinary users can take advantage of the features it provides.
> > Using Namecoin is far too cumbersome for the vast majority of
> > internet users, even those with years of computer expertise. For
> > one, it cannot be used on mobile devices (like iPhones) in its
> > current state because of its network requirements.
> >
> > DNSNMC provides the missing “glue” to the Namecoin blockchain that
> > makes it immediately accessible to clients of all types with zero
> > configuration. A network administrator need only enter the IP
> > address of a DNSNMC-compliant DNS server to instantly make the
> > information within the blockchain accessible to all of the users
> > that she (or he) provides internet access to.
> >
> > Paper: http://okturtles.com/other/dnsnmc_okturtles_overview.pdf
> >
> > Cheers, Greg Slepak
>
> Hello Greg:
>
> The obvious problem with this is that namecoin doesn't have all the
> domain names already registered assigned to the current owners, and
> there's no arbitration authority that can prevent domain cibersquatting.
>
> So I can register all the important domains: microsoft, ebay, google,
> nsa, whitehouse, you name it, and I will be the owner of them forever.
> What's worse, if the domain keys are lost, the domain name is lost too.
>
> There should be a procedure to fix all this in a reasonable manner.
> For example, if names in namecoin had to be renovated each year, lost
> or unused domains could be recovered. I don't see any simple way to
> solve domain name squatting without adding some trusted authority or
> some kind of cumbersome/impractical voting mechanism.
>
> For new projects, namecoin is more or less as viable as current DNS
> structure: when you are searching for a name, just check that it is
> available. But for existing websites, it would require some good luck.
> How would you do a smooth transition?
>
> Regards,
> Eduardo
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2.0.22 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iF4EAREIAAYFAlK2AkMACgkQqrnAQZhRnarZDgEAsaB0O3+sV8FEvGkpPATOgWoN
> md6Wt6TYCdpZ2oUTdkABAI7+NaHF+t2e6cL6v5Jc8vEnfUMCgGTTdxHRBc2Jp9My
> =48ZL
> -----END PGP SIGNATURE-----
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>



-- 
Kelly John Rose
Toronto, ON
Phone: +1 647 638-4104
Twitter: @kjrose
Skype: kjrose.pr
Gtalk: iam at kjro.se
MSN: msn at kjro.se

Document contents are confidential between original recipients and sender.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20131221/d03cd606/attachment.html>


More information about the cryptography mailing list