This doesn't fix the problem, which is the US federal government. The only way to fix this permanently is to take back control, build a new DNS infrastructure, and deploy it. Also, this had been attempted in a myriad of ways, from normal decentralized DNS to p2p decentralized DNS, etc. Lastly, I'm certain the NSA can break RSA keys without much trouble while average Joe believes this to be scientifically impossible. Research and Enjoy!

On Dec 6, 2010, at 12:38 PM, "Alex Pankratov" <a...@swapped.cc> wrote:

>> -----Original Message-----
>> From: p2p-hackers-boun...@lists.zooko.com
>> [mailto:p2p-hackers-boun...@lists.zooko.com] On Behalf Of David
>> Barrett
>> Sent: December 5, 2010 9:51 PM
>> To: p2p-hackers@lists.zooko.com
>> Subject: Re: [p2p-hackers] .p2p domain
>
> ...
>
>> 4) When renewing the record, refuse any unsigned change, or change
>> whose signature fails.
>
> ...
>
> And what about abandoned/expired domains that are re-assigned to new owners?
> It is not realistic to expect all existing owners to gracefully relinquish
> the ownership of expiring domains.
>
> On a more general note - if a "secure" DNS infrastructure ever sees a proper
> adoption, I bet that there will be some form of PKI present in it. Simple
> key-based trust is not going to fly with interested intermediates, e.g.
> shady agencies that already own or have access to SSL CA keys and are
> capable of on-the-fly certificate forgery, and through this the MnM attacks,
> if needed.
>
> What you describe is a geek's solution that doesn't account for political
> realities :) I'm with you, but it is simply not going to happen.
>
> Alex
>
> _______________________________________________
> p2p-hackers mailing list
> p2p-hackers@lists.zooko.com
> http://lists.zooko.com/mailman/listinfo/p2p-hackers