[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SSLegance



What problem are we solving, exactly? No eavesdropping is simple enough. No
MITM is not preventable without information known to come from the intended
source. Presently we have "all knowers" called certificate authorities. We
trust them as a collective not individually. Their security depending on
their collective is a fatal mistake. The idea of an all-knower is very,
very convenient for the design of these systems.

Yet, is it required? Surely there must be a distributed, not decentralized*
approach that works to spread information with certainty.

The problem then lies with the link between the security record (signature,
proof of private key) and the name record (DNS). Simply signing the DNS
records would be enough, then the DNS records must be provided properly.
This is moving the problem. Yet, it is moving the problem to the DNS
provider, which also suffers from the centralization weakness that persists
in such decentralized arrangements.

Having a DHT in which several known friends are anchored might allow that
DHT to "vote" on the subject. Every node will accumulate the votes from its
trusted neighbors and vote on what the majority agrees on. Heuristic, but
typically functional. And we swat two flies with one blow. SDNS, (Secure
Distributed Name Server) a mapping from name to signed machine location
data.

In this future the overhead for security is as big as the signature for the
SDNS record, and the encryption and decryption on the data itself.

--Lewis

*the current approach defies the boundary between centralized and
decentralized. I believe that, in practice, we could better describe it as
centralized.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20130728/e7e0d12f/attachment.html>