💾 Archived View for rawtext.club › ~sloum › geminilist › 006323.gmi captured on 2023-11-14 at 09:27:29. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

<-- back to the mailing list

[spec] A possible client-side, community-based solution to the drawbacks of TOFU authentication

Stephane Bortzmeyer stephane at sources.org

Sun Apr 11 10:17:44 BST 2021

- - - - - - - - - - - - - - - - - - - 

On Sun, Apr 11, 2021 at 04:12:30AM -0400, Benjamin Cronin <bcronin720 at gmail.com> wrote a message of 89 lines which said:

a server's long-term certificate to be registered in a public place
for new visitors of a site to check against.

The main issue with your proposal is "who will check that thisregistration is done by the rightful [for some definition of rightful]holder, and how will they do this check?"

Instead of saying:

I have put a lot of thought and effort

I suggest that it would be better to give the answer to the aboveissue. I do not find in your email even one line of technicalexplanation about your invention.

This means no blockchain based technology or other popular
distributed system of trust, due to the computing requirements that
their proof of stake require.

You mean proof of work? Because proof of stake does not have suchcomputing requirments.

Anyway, even blockchains, as demonstrated in the last ten years withNamecoin, still have the problem of initial enrollment. How do youaddress it? [Namecoin is strictly first-come-first-served, with zerorecourse in case something goes wrong.]

At the current moment, I have not found any specific research along
these lines,

Without specific requirments, it is hard to say if there is somethingsimilar. For instance, do you plan to do something similar toCertificate Transparency, or will you envision something different?Other relevant stuff may include CoDoNS<http://www.cs.cornell.edu/people/egs/beehive/codons.php> ConfiDNS<https://www.usenix.org/legacy/event/worlds06/tech/prelim_papers/poole/poole_html/>ENS <https://ens.domains/> or the many others "distributed trust"systems now buried under 404 error codes.

Sorry if I'm harsh but, as you know "I have designed a secure,efficient, cheap system of distributed trust and naming over theInternet" is in computer networks what the "I have deciphered thePhaistos disk" is in linguistics. We are cautious.