Bitcoin Forum

Alternate cryptocurrencies => Altcoin Discussion => Topic started by: Septic on December 11, 2013, 09:30:07 PM


Title: Yet another alt-coin - but to replace digital certificates
Post by: Septic on December 11, 2013, 09:30:07 PM
Reading yet another issue with a certificate authority recently (in this case, a French agency being able to masquerade as Google for a MITM attack: http://arstechnica.com/security/2013/12/french-agency-caught-minting-ssl-certificates-impersonating-google/ (http://arstechnica.com/security/2013/12/french-agency-caught-minting-ssl-certificates-impersonating-google/)), I thought about suitable alternatives for protecting privacy and ensuring validity, perhaps in a similar aspect to namecoin.

Essentially, the network itself can act as the Web of Trust; all the clients can have all the knowledge of every 'registered' (tbd) site, existing transaction histories serve instead to validate the domain/site has not been transferred to another party, and nobody can sweet-talk/hack a company into providing an illegitimate certificate.

Before I start contemplating the idea too deeply, is there general interest/critical flaws in regards to this? I can think of quite a few issues without thinking too much:

  • Must start centralized until the network can 'self-sustain' itself to authenticate addresses (so like a master database - which then stands a chance of being exploited)
  • MITM attacks against the authentication process itself - keep using certificates for some things?? In which case, what's the point of this
  • Non-instant resolution; certificate setups can just query with the CA and check against a CRL - our method would require the network to respond before ascertaining the result. I guess the OS could be preemptive and download in advance, and clients (i.e. web browsers) query with the OS - but still far from perfect
  • And perhaps most importantly - how can the coin correlate to 'earnings' - a coin per 'domain'? Little to no value in doing something like that though. Has to be an incentive; maybe providing a different coin - but that then has a whole host of other issues!

Interested to hear your opinions ;) And feel free to tell me the idea actually sucks  ::)

Title: Re: Yet another alt-coin - but to replace digital certificates
Post by: pmconrad on December 11, 2013, 09:45:59 PM
Actually namecoin is pretty much doing what you want:

http://dot-bit.org/forum/viewtopic.php?f=5&t=1396

Title: Re: Yet another alt-coin - but to replace digital certificates
Post by: Septic on December 12, 2013, 11:51:55 PM
Looks like I need to look into namecoin a bit deeper!


Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines