Re: [projectvrm] Minimum viable VRM web site or service

[John Light < >]

All of the technical details are on the Github page, but here's an example of what the user experience would look like:

1) Register a .bit domain on Namecoin. No one can take this domain from you without compromising your Namecoin private key.

2) Add your servers IP address in the Namecoin block chain as an attribute of your .bit domain.

2) Put your public certificate in the block chain as an attribute of your .bit domain.

3) When someone with a browser configured to use DNSChain and view .bit domains wants to view your site, they will type in your .bit domain, and the browser would use the block chain to connect to your server and automatically use the public certificate you attributed to that domain.

4) Your connection to your visitor's browser is now secured by man-in-the-middle-proof, end-to-end encryption. The only way for an attacker to compromise this connection is to compromise your private keys, which you have hopefully taken appropriate steps to secure.

Regards,

John


This conversation is not private unless it's encrypted. By default, an email is more like a postcard than a letter in an envelope. Use my public key to encrypt private messages to me using public key cryptography software such as PGP or GPG and include your public key with your message so I can encrypt my response. 

On Thu, Jan 15, 2015 at 1:43 PM, Johannes Ernst < " target="_blank"> > wrote:

> On Jan 15, 2015, at 13:07, John Light < "> > wrote:
>
> We could replace both webs of trust and the CA system with the block
> chain. See:
>
> https://github.com/okTurtles/dnschain
>
> Disclosure: I work for the okTurtles Foundation, developers of DNSChain

I would love to understand this better. How does this actually work?

Let’s say I would like to set up a new website, with a new domain. What do I need to do?

And then you would like to visit that website  (right?!!) and be sure it is my new site. What do you need to do?

And then Mr Evil comes by and likes to impersonate my site. He has $100k to spend on that project, for whatever purchases … including bribes or anybody other than you or me :-)

Maybe this is documented somewhere already.

Cheers,



Johannes.