[cryptography] First public DNSChain server went online yesterday!
eric at konklone.com
Sat Feb 8 18:52:47 EST 2014
On Sat, Feb 8, 2014 at 4:38 PM, Natanael <natanael.l at gmail.com> wrote:
> 1: Domains expire unless renewed.
I did not understand that about Namecoin at all, that is A+.
> 3: The security model of blockchain based systems like Namecoin is that
> the primary chain had the greatest amount of proof-of-work behind it, and
> you can't fake the proof-of-work. You can try to isolate a node and provide
> a fake chain, but the moment the client sees the current main chain it will
> see it has more proof-of-work behind it and dismiss the previous shorter
This isn't what I mean - what if someone is MITMing all your connections to
the blockchain, so you're being presented with all fake chains, and never
have a chance to see the real one? In other words, how is the connection to
the blockchain itself secured? Some DNSSEC equivalent?
> - Sent from my phone
> Den 8 feb 2014 22:19 skrev "Eric Mill" <eric at konklone.com>:
> I just want to be clear on my understanding here. This provides a way to
>> register a .dns or .bit domain, and store your registration of that domain
>> in a blockchain.
>> Then, to guarantee authenticity, you can store a fingerprint of an SSL
>> cert in the blockchain, so that anyone can verify that the person who
>> registered this domain also created this cert.
>> Some questions, though the first two may just be about Namecoin:
>> * If you lose your "wallet" for your name, is the domain forever and
>> truly inert?
>> * Can you transfer your domain to someone else?
>> * How do you prevent an attacker from intercepting and modifying your
>> connection to the blockchain itself? What's the security model there?
>> of CoffeeScript. Regardless of the merits of the language, it will
>> use/know CoffeeScript well (like myself).
>> Overall I'm **super** excited about Namecoin and DNSChain, and I've been
>> waiting for someone to connect them through traditional DNS. This is such
>> valuable work, thank you for being a pioneer on this.
>> -- Eric
>> On Sat, Feb 8, 2014 at 12:53 AM, Greg <greg at kinostudios.com> wrote:
>>> From README.md on GitHub:
>>> DNSChain (formerly DNSNMC) makes it possible to be certain that you're
>>> communicating with who you want to communicate with, and connecting to the
>>> sites that you want to connect to, *without anyone secretly listening
>>> in on your conversations in between.*
>>> * DNSChain "stops the NSA" by fixing HTTPS
>>> * Free SSL certificates
>>> * How to use DNSChain *right now*!
>>> * Don't want to change your DNS settings?
>>> * The '.dns' meta-TLD
>>> * How to run your own DNSChain server
>>> * Requirements
>>> * Getting Started for devs and sys admins
>>> * List of public DNSChain servers
>>> * Contributing
>>> * Style and Process
>>> * TODO
>>> * Release History
>>> * License
>>> Previous thread was:
>>> Re: [cryptography] DNSNMC replaces Certificate Authorities with Namecoin
>>> and fixes HTTPS security
>>> Please do not email me anything that you are not comfortable also sharing with
>>> the NSA.
>>> cryptography mailing list
>>> cryptography at randombit.net
>> konklone.com | @konklone <https://twitter.com/konklone>
>> cryptography mailing list
>> cryptography at randombit.net
konklone.com | @konklone <https://twitter.com/konklone>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography