[Cryptography] Preliminary review of the other Applied Cryptography
Bear
bear at sonic.net
Fri Apr 11 22:07:38 EDT 2014
On Fri, 2014-04-11 at 01:41 +0200, tpb-crypto at laposte.net wrote:
> It won't be long before a clever P2P DNS system pops out and kills
> everything related to the domain name and x509 system which clearly
> doesn't serve us anymore and whose abandonment is long overdue.
Actually, a quite clever, well-secured P2P DNS system has been
created, and IMO ought to be known and used more widely.
https://www.namecoin.org/
It's blockchain secured (developed from Bitcoin technology), except
instead of keeping track of who owns the output of particular
transactions of a circulating pool of imaginary nerd money, it
keeps track of the association (and occasional revocation) of
keys/addresses with domain names.
It is strictly first-come first-served, so there's no second-party
revocation if, for example, skeptics claim 'scientology', nor
any procedure for mediation if the World Whack-A-Mole Fund and
the Wildlife Wrestling Foundation can't agree on who gets 'wwf'. *1
Also, it makes no effort to take up existing DNS information from
the domains administered by major TLD's like .com, .org, and so on.
I think that it ought.
But the people who administer those TLD's don't like and would
not abide by the limitations of its decentralized aspects, so it
would quickly go out of sync, because for example they couldn't
kick domain squatters off of a potentially lucrative trademarked
name without getting the claimant to use his/her own key to revoke
the old cert, etc.
Bear
*1 I think that's a fundamental limitation of a fully decentralized
system, and actually more fair. I could live with it, and be
happier with that arrangement than with the current one. It
would force people to resolve these decisions by resorting to
buying and selling for the market value of the names rather than
by simply using force against the less powerful or less privileged
claimant.
More information about the cryptography
mailing list