
discuss - Re: [opennic-discuss] ShofarDomain's rootless domain system

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

  • From: Kenny Taylor <kennytaylor AT runbox.com>
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] ShofarDomain's rootless domain system
  • Date: Sun, 26 May 2013 10:06:38 -0700

So each user has an RSA key pair. Use the blockchain model, where each
block is signed using an RSA key. The block may be a DNS record or an
up/down vote referencing a domain or a renewal notice referencing an existing
domain.

Each user could choose which public keys to trust. So you could have some
organizations like EFF, Telecomix, etc. who publish up/down vote lists. That
would create a semi-centralized model based on trust.

Clients would consider a domain expired if no renewal block was submitted
within a given timeframe. The renewal block would need to be signed by the
private key that generated the original domain record.

DNS records (A, CNAME, etc) could be published to the blockchain and
considered valid if signed by the private key of the corresponding domain
record.

- Squatters could be down voted to oblivion
- Domains expire unless explicitly renewed (no permanently lost domains due
to private key loss)
- No cost involved, upfront or ongoing
- Trust model that can be delegated to trusted organizations or individuals
(i.e. I trust any votes made by the EFF). Greatly simplifies the end-user
experience.
- Trusted up/down voters would not have to be a legal entity that can be
sued or coerced. All that is required is an RSA key pair.




Quinn Wood <wood.quinn.s AT gmail.com> wrote:

>On Sun, May 26, 2013 at 12:20 AM, Jeff Taylor <shdwdrgn AT sourpuss.net>
>wrote:
>> The way I see it, you wouldn't necessarily need a web-of-trust model,
>> although it might be more reliable.
>>
>
>> For storing the records, it wouldn't really be that much different than
>> what we have now -- using standard zone files -- there would just be a
>> lot more of them, or there could be a single large file containing the
>> pointers to all the domains.
>>
>
>I had posed a question in IRC a while back about mirroring the entire
>root zone. I was actually trying to examine the worth of a PGP WoT
>like DNS system.
>
>The idea was to use it as a secondary DNS server, using some kind of
>local caching nameserver. Instead of just caching though, the rough
>goal was to go through a bit of a flow:
>
>< Use WoT Data? >
> |
> Yes
> |
>< Record Found? > -- Yes -- ( Request vote: Correct Record/Incorrect Record, if enabled in user settings) -- Return Record
> |
> No
> |
>< Use Legacy Data? > -- No -- Return NXDOMAIN
> |
> Yes
> |
>< Record Found? > -- No -- Return NXDOMAIN
> |
> Yes -- ( Request vote: Update Record, if enabled in user settings) -- Return Record
>
>
>The primary two problems I faced with the idea (other than simply not
>knowing how to approach it technically) were the voting mechanism and
>the data storage. A blockchain based system like Namecoin, I feel,
>could come extremely close to solving both problems, but it wouldn't
>be a web of trust. I thought, and still think, a democratic function
>in at least so far as consensus tracking is a precondition to an open
>name resolution infrastructure.
>
>

--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
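
A sketch of how a client could evaluate the scheme proposed in the message above, added here as an illustration (it is not code from the list or from any project mentioned). The block fields, the integer `day` timestamp, the 365-day renewal window, the negative-score cutoff, the names and the unpadded RSA-over-SHA-256 with fixed Mersenne-prime keys are all assumptions chosen so it runs on the standard library alone; a real client would use a vetted library with padded signatures.

```python
import hashlib, json
E = 65537  # public exponent shared by every toy key below

def keypair(a, b):
    # Toy RSA key from Mersenne primes 2**a-1 and 2**b-1: constructed, trivially factorable.
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(body):
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def make_block(key, **body):
    body["signer"] = key["n"]  # the public modulus doubles as the signer's identity
    return {"body": body, "sig": pow(digest(body), key["d"], key["n"])}

def verified(block):
    return pow(block["sig"], E, block["body"]["signer"]) == digest(block["body"])

def resolve(chain, name, today, trusted, ttl=365):
    """Return the A record for name, or None if unregistered, expired or down-voted."""
    owner, renewed, address, votes = None, None, None, {}
    relevant = [b["body"] for b in chain if verified(b) and b["body"]["domain"] == name]
    for body in relevant:
        kind, signer, day = body["type"], body["signer"], body["day"]
        lapsed = owner is not None and day - renewed > ttl
        if kind == "register" and (owner is None or lapsed):
            owner, renewed, address, votes = signer, day, None, {}
        elif owner is None or lapsed:
            continue  # nothing counts for an unregistered or expired domain
        elif kind == "renew" and signer == owner:
            renewed = day  # only the registering key can renew
        elif kind == "A" and signer == owner:
            address = body["value"]  # records count only when signed by the domain's key
        elif kind == "vote" and signer in trusted:
            votes[signer] = body["value"]  # one vote per trusted key, latest wins
    live = owner is not None and today - renewed <= ttl and sum(votes.values()) >= 0
    return address if live else None

alice, mallory, voter = keypair(127, 521), keypair(107, 607), keypair(89, 1279)
CHAIN = [  # constructed sample blocks
    make_block(alice, type="register", domain="example.test", day=0),
    make_block(alice, type="A", domain="example.test", day=1, value="192.0.2.10"),
    make_block(mallory, type="A", domain="example.test", day=2, value="198.51.100.66"),
    make_block(alice, type="renew", domain="example.test", day=300),
    make_block(mallory, type="register", domain="squat.test", day=5),
    make_block(mallory, type="A", domain="squat.test", day=5, value="198.51.100.66"),
    make_block(voter, type="vote", domain="squat.test", day=6, value=-1),
]
```

Whether `squat.test` resolves depends only on which voter keys the caller passes in `trusted`, which is the delegated trust choice the message describes.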



