Malicious domains will require someone removing them or blocking them even, unless you want the DoB namespace to turn into a cesspool of malware, phishing and nazis. Not something the average person wants.
There is no reason we can't deploy something that takes the good parts of decentralized operation without having to commit to a full P2P blockchain IoT buzzword fiasko.
Because an amount of money I can afford to protect it is tiny compared to FB's marketing budgets.
Computers weren't mainstream when DNS was invented.
I guarantee you will have luck. Let's truck it. Have some self-hope. It'll be grand <3
My question - Sure blockchain can do this, but couldn’t a simpler DHT-based p2p system would work just as well or better? I like the distributed/anonymity/authenticity, but why is blockchain required?
...and controlled by whoever has the most computing power. ;-)
Plus, Ipfs isn't that good when it comes to authentic data, if it's signed, there is only one key, so it's centralized again.
Bootstrapping a P2P system efficiently requires known P2P nodes and those will require DNS unless you want to shell out for a static IP permanently (and hope nobody poisons ARP!)
2) find the cert thumbprint for site.com
3) find the cert by the thumbprint and connect to one if IP SAN records
Also you don't need the "Where is IPFS?" DNS query to be anonymous in the first place.
And you need to bootstrap without DNS if you plan to actually replace DNS, not live beside it.
> And you need to bootstrap without DNS if you plan to actually replace DNS, not live beside it.
Whatever. DNS itself is never going to shut down, so 100% replacement even for bootstrapping isn't a real concern. And if starting with 13 fixed IP addresses is good enough for DNS, then it should be good enough for IPFS.
Not everything in the world can be poisoned if you design carefully enough, but IPFS isn't a design I'd pick for building the foundation of an internet.
This MIT Tech Review article gives a good overview of Handshake's goals: https://www.technologyreview.com/s/613446/the-ambitious-plan...
For the censorship we have in the west e.g. blacklisting torrent sites a non-ISP DNS and or CDN already solve that problem, for anything beyond that nothing would help.
It all comes down to whether you think the current stewards and legal regimes and ICANN are doing a good job or not. [I'm undecided].
Namecoin is an idea (that failed because IMO it was too early) so old by now that I am truly surprised there hasn't been a full blown distributed DNS solution that works in parallel to the existing one based on blockchain.
Also, reminds me of the old saying about “now you have two problems”
No, public key cryptography means that the key doesn't need to be shared.
A blockchain is only needed if parties need to write to the database in a decentralized manner, and the order of the writes is important & can't be tampered with.
Also, what does CloudFlare bring to you? 99% of websites don't need DDOS protection or a complex firewall. Using CloudFlare for these websites means:
- CloudFlare gets to inspect and snoop 100% of your "HTTPS" trafic (because the TLS termination happens on their side)
- Tor users most times cannot access your services at all because CloudFlare and Google work hand-in-hand to prevent them from using the web by serving infinite CAPTCHA loops (see #FuckCloudFlare)
- CloudFlare becomes a SPOF for much of the web, like other "cloud" providers ; accessing your website depends on the availability and good will of a huge multinational
So if you want to help people access the Internet without censorship and surveillance, please never use CloudFlare or equivalent services. They make everything so much worse through centralization. If we wait too much, it will become a HUGE problem.
The article specifically calls out Namecoin, but doesn’t say anything about how Namecoin falls short or why it can’t be augmented/improved instead of building a whole new thing.
I know I’ll sound like a grump here, but why does the bar for HN front page feel so low these days?
There are also a number of other valuable efforts. Both in other Standards Development Organizations (SDOs), such as Decentralized Identity Foundation (DIF) , Apache HyperLedger projects like Aries , etc. And in working conferences/unconferences like Rebooting Web of Trust (RWOT) , and Internet Identity Workshop (IIW) . On a tangential note, Unconferences are an interesting concept .
Why is the solution to every problem "blockchain" these days?
That is a trope and is no longer true. If you say blockchain is the solution you get laughed at.
The point is less about storing the audit history, but more about preventing Man-in-the-Middle attacks and solving the timestamp-certificate chicken-egg problem.
while it may be harder in the US i could legitimately see a mechanism developing to make that a requirement for isps
This is going full circle