Huh, over (or more general DNS that is based on cryptography)… It's an interesting idea especially for the root DNS servers, but there is a fundamental problem:

Key management.

The article I read used as an example. What if an attacker obtains the private key for this domain? He can now control it or even transfer it.

Right now, you can get a court rule that undoes that. But with DoB this would mean everyone has to learn a new domain. Good luck with that…

For those who wonder about the article:

The problem with DNS is: It's so fundamental that you want humans to have a word in it. (So probably no blockchain)

And you also don't want in-memorable hashes as domain names, since you already have IPs for that. (So not like .onion addresses)

I'm open for ideas, feel free to have suggestions.

Show thread

@deejoe I mean, the basic idea sounds not bad. but I see a huge bootstrapping problem. And don't see the key management problem solved.

I mean when we have an address "a8s…4d3f" that got the petname "youtube" in my namespace and now someone references it as "Sheogorath's youtube" which sounds very natural, how do we make sure, in case of a hijacked keypair that everyone who has such reference, updates it on time?

And how to obtain the cryptographic address in first place?

Sign in to participate in the conversation
Sheogorath's Microblog

This is my personal microblog. It's filled with my fun, joy and silliness.