But why not just blockchain domains and TLS fingerprinting or DANE? No CAs in the mix, and if you lose your IP then just pick up another, domain stays the same. It's dynamic resolution, alt-root updates are instant more or less, and you stick to URLs. Going after the entire network fabric is cool and all, but is there really a need?
Replies (2)
You could have another infrastructure class (next to blossom servers, mints and all the rest) which is transparent alt root resolvers (TEE based), and that would abstract away the blockchain and the fingerprint validation for users (they just enter the URL) and would work with whatever alt root that the server op wants to publish IP and fingerprint records on. I just dunno if that's that much of an upgrade to ICANN DNS. ICANN could have turned out a lot worse than it did.
I'm not against that. Another of my plans is to make "blockchain domains" that do not suck using a Bitcoin spacechain, but so far that hasn't been possible and who knows if it would actually work.
I don't understand how to connect the blockchain to the real world though. How would TLS fingerprinting help? And isn't DANE a niche thing that browsers refuse to implement?
