100 sats \ 1 reply \ @orthzar 27 Sep 2022 \ on: Daily discussion thread
A bit ago, I came up with an idea for self-verifying domain names:
Create the domain:
- Generate a keypair
- Hash the pubkey
- Convert that hash to a list of words (e.g. BIP-39) separated by dashes (e.g. word1-word2-...)
- Register that word-list as your domain name (e.g. word1-word2-...-word-23-word24.com). [0]
- Self-sign an TLS certificate with the above generated keypair for that domain name.
Connect to the domain:
- Client connects to the domain name.
- Server provides it's self-signed TLS certificate.
- Client verifies the certificate by comparing the pubkey, the domain name (which is a hash of that pubkey), and the signature in the TLS certificate.
- If everything matches, then the TLS connection proceeds as normal.
This protocol would be added to the certificate verification process of TLS. It would be used in situations where a short/memorable domain name is not needed (e.g. backend servers, Nostr nodes, etc).
One big flaw is that a change to the certificate would require a change of domain name. That would happen in the event of a private key leak or when you decide to upgrade the security of your certificate (e.g. going from a 2048 bit key to a 4096 bit key).
[0] The maximum length for domain names is 253 ASCII characters. The words in the English BIP-39 wordlist are all =<8 characters (and shorter on average), so length shouldn't be an issue.
reply