[Cryptography] DNSNMC deprecates Certificate Authorities and fixes HTTPS security

Greg greg at kinostudios.com
Fri Dec 13 19:10:02 EST 2013

Hi list,

Moving this into its own thread:

DNSNMC fixes the authentication problems previously described, and it addresses all of the problems that with the previously mentioned proposals. It does this first by combining DNS with Namecoin (NMC), and then by encouraging a “trust only those you know” policy.5

“Namecoin is an open source decentralized key/value registration and transfer system based on Bitcoin technology”.[16] Namecoin “squares Zooko’s Triangle”, meaning, it makes it possible to have domain names (and other types of identifiers) that are:

Authenticated: users can be certain that they are not speaking to an impostor

Decentralized: there is no central authority controlling all the names

Human-readable: names look just like today’s domain names

However, by itself, Namecoin does not provide the means by which ordinary users can take advantage of the features it provides. Using Namecoin is far too cumbersome for the vast majority of internet users, even those with years of computer expertise. For one, it cannot be used on mobile devices (like iPhones) in its current state because of its network requirements.

DNSNMC provides the missing “glue” to the Namecoin blockchain that makes it immediately accessible to clients of all types with zero configuration. A network administrator need only enter the IP address of a DNSNMC-compliant DNS server to instantly make the information within the blockchain accessible to all of the users that she (or he) provides internet access to. 

Paper: http://okturtles.com/other/dnsnmc_okturtles_overview.pdf

Greg Slepak
Please do not email me anything that you are not comfortable also sharing with the NSA.

Please do not email me anything that you are not comfortable also sharing with the NSA.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131213/9618bbe7/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20131213/9618bbe7/attachment.pgp>

More information about the cryptography mailing list