[Cryptography] Preliminary review of the other Applied Cryptography

[Bear]

On Fri, 2014-04-11 at 01:41 +0200, tpb-crypto at laposte.net wrote:

> It won't be long before a clever P2P DNS system pops out and kills
> everything related to the domain name and x509 system which clearly
> doesn't serve us anymore and whose abandonment is long overdue.

Actually, a quite clever, well-secured P2P DNS system has been 
created, and IMO ought to be known and used more widely.  

https://www.namecoin.org/

It's blockchain secured (developed from Bitcoin technology), except
instead of keeping track of who owns the output of particular 
transactions of a circulating pool of imaginary nerd money, it 
keeps track of the association (and occasional revocation) of
keys/addresses with domain names.

It is strictly first-come first-served, so there's no second-party
revocation if, for example, skeptics claim 'scientology', nor 
any procedure for mediation if the World Whack-A-Mole Fund and 
the Wildlife Wrestling Foundation can't agree on who gets 'wwf'. *1

Also, it makes no effort to take up existing DNS information from 
the domains administered by major TLD's like .com, .org, and so on.
I think that it ought.  

But the people who administer those TLD's don't like and would 
not abide by the limitations of its decentralized aspects, so it 
would quickly go out of sync, because for example they couldn't 
kick domain squatters off of a potentially lucrative trademarked 
name without getting the claimant to use his/her own key to revoke 
the old cert, etc.

			Bear


*1 I think that's a fundamental limitation of a fully decentralized 
system, and actually more fair.  I could live with it, and  be 
happier with that arrangement than with the current one.  It 
would force people to resolve these decisions by resorting to 
buying and selling for the market value of the names rather than 
by simply using force against the less powerful or less privileged
claimant.