[cryptography] First public DNSChain server went online yesterday!

Eric Mill eric at konklone.com
Sat Feb 8 18:52:47 EST 2014


On Sat, Feb 8, 2014 at 4:38 PM, Natanael <natanael.l at gmail.com> wrote:

> 1: Domains expire unless renewed.
>
I did not understand that about Namecoin at all, that is A+.

> 3: The security model of blockchain based systems like Namecoin is that
> the primary chain had the greatest amount of proof-of-work behind it, and
> you can't fake the proof-of-work. You can try to isolate a node and provide
> a fake chain, but the moment the client sees the current main chain it will
> see it has more proof-of-work behind it and dismiss the previous shorter
> chain.
>
This isn't what I mean - what if someone is MITMing all your connections to
the blockchain, so you're being presented with all fake chains, and never
have a chance to see the real one? In other words, how is the connection to
the blockchain itself secured? Some DNSSEC equivalent?

-- Eric

>  - Sent from my phone
> Den 8 feb 2014 22:19 skrev "Eric Mill" <eric at konklone.com>:
>
> I just want to be clear on my understanding here. This provides a way to
>> register a .dns or .bit domain, and store your registration of that domain
>> in a blockchain.
>>
>> Then, to guarantee authenticity, you can store a fingerprint of an SSL
>> cert in the blockchain, so that anyone can verify that the person who
>> registered this domain also created this cert.
>>
>> Some questions, though the first two may just be about Namecoin:
>>
>> * If you lose your "wallet" for your name, is the domain forever and
>> truly inert?
>> * Can you transfer your domain to someone else?
>> * How do you prevent an attacker from intercepting and modifying your
>> connection to the blockchain itself? What's the security model there?
>>
>> I also have a non-trivial suggestion, which is to use JavaScript instead
>> of CoffeeScript. Regardless of the merits of the language, it will
>> discourage participation from Node/JavaScript developers who do not
>> use/know CoffeeScript well (like myself).
>>
>> Overall I'm **super** excited about Namecoin and DNSChain, and I've been
>> waiting for someone to connect them through traditional DNS. This is such
>> valuable work, thank you for being a pioneer on this.
>>
>> -- Eric
>>
>>
>> On Sat, Feb 8, 2014 at 12:53 AM, Greg <greg at kinostudios.com> wrote:
>>
>>> From README.md on GitHub:
>>>
>>> DNSChain (formerly DNSNMC) makes it possible to be certain that you're
>>> communicating with who you want to communicate with, and connecting to the
>>> sites that you want to connect to, *without anyone secretly listening
>>> in on your conversations in between.*
>>>
>>>  * DNSChain "stops the NSA" by fixing HTTPS
>>> * Free SSL certificates
>>> * How to use DNSChain *right now*!
>>>  * Don't want to change your DNS settings?
>>> * The '.dns' meta-TLD
>>>  * How to run your own DNSChain server
>>> * Requirements
>>> * Getting Started for devs and sys admins
>>>  * List of public DNSChain servers
>>> * Contributing
>>> * Style and Process
>>>  * TODO
>>> * Release History
>>> * License
>>>
>>>
>>> https://github.com/okTurtles/dnschain
>>>
>>> Previous thread was:
>>>
>>> Re: [cryptography] DNSNMC replaces Certificate Authorities with Namecoin
>>> and fixes HTTPS security
>>>
>>> Cheers,
>>> Greg
>>>
>>> --
>>> Please do not email me anything that you are not comfortable also sharing with
>>> the NSA.
>>>
>>>
>>> _______________________________________________
>>> cryptography mailing list
>>> cryptography at randombit.net
>>> http://lists.randombit.net/mailman/listinfo/cryptography
>>>
>>>
>>
>>
>> --
>> konklone.com | @konklone <https://twitter.com/konklone>
>>
>> _______________________________________________
>> cryptography mailing list
>> cryptography at randombit.net
>> http://lists.randombit.net/mailman/listinfo/cryptography
>>
>>


-- 
konklone.com | @konklone <https://twitter.com/konklone>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20140208/7e29a481/attachment.html>


More information about the cryptography mailing list