Yes, I'm misreading your question also, I forget it's a name staking scheme. But nonetheless, who's to certify the website and certificate corresponds to the person?
Well, that's a good question. There is always a slight chance of being fooled.
But I would say SSL certificates improved internet security a lot.
reply
Do you mean EV certificates? That is foundationally tied to comparing against government IDs and registrations.
Strangely, the state of Illinois created a government key server for exactly this problem, to tie physical identification to a digital certificate to aid in licensure and registrations through email and such. It wasn't very popular, though still in place.
reply
What are EV certificates? I mean SSL/TLS certificates. The ones Let's Encrypt is doing.
reply
A Let's Encrypt cert doesn't validate anyone's identity other than confirm the controller of a domain's nameserver has control over the web server.
An EV certificate is how companies like Google and PayPal can get that green checkmark or background in your browser's URL box indicating that the certificate issuer has confirmed the identity with government ID, articles of incorporation, a letter from a lawyer and a notary public of the person or company the certificate was issued to.
reply
A Let's Encrypt cert doesn't validate anyone's identity other than confirm the controller of a domain's nameserver has control over the web server.
Yes, this is what I am talking about. No more, no less.
There are websites of "important people" out there who we already assume to be "real" or "verified".
Putting a public key on these sites and having a signed message on here is all I am talking about.
Essentially, you would just take your reputation from these websites instantly with you to SN.
Thanks for the explanation about EV certificates. Didn't know they exist!
reply
There is something called DANE SMIMEA which is similar to your proposal and something @k00b could use to verify "orange checks" that ties a domain to an email address and public key if he thinks it's worthwhile.
reply
The DANE SMIMEA standard was adopted as RFC 8162 in 2017.
reply
I haven't found a simple way of generating a DNS record. gpg --export-options export-dane email@address.tld is one way, but I can't get nsupdate to accept that format.
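Added example, not part of the thread and not any project's own code: one way to build the SMIMEA record that RFC 8162 describes (owner name from the hashed local-part, RDATA as usage, selector, matching type and association data) and emit it as a single-line `update add` statement. The sample certificate bytes and the TTL are constructed, and it is an assumption that the nsupdate build in use accepts the RFC 3597 generic `TYPE53 \#` form.

```python
import hashlib

SMIMEA_TYPE = 53  # IANA RR type number for SMIMEA

def smimea_owner(email: str) -> str:
    """Owner name per RFC 8162 section 3: SHA2-256 of the UTF-8
    local-part, truncated to 28 octets, hex-encoded, under _smimecert."""
    local, sep, domain = email.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("expected local-part@domain")
    # No case folding: the local-part is hashed exactly as given.
    label = hashlib.sha256(local.encode("utf-8")).digest()[:28].hex()
    return f"{label}._smimecert.{domain.rstrip('.')}."

def smimea_rdata(selected: bytes, usage: int = 3, selector: int = 0,
                 mtype: int = 1) -> bytes:
    """RDATA = usage | selector | matching type | association data.
    `selected` is the DER the selector names: the full certificate
    (selector 0) or its SubjectPublicKeyInfo (selector 1)."""
    if usage not in range(4) or selector not in (0, 1):
        raise ValueError("unsupported usage or selector")
    if mtype == 0:
        data = selected                          # exact match, no hash
    elif mtype == 1:
        data = hashlib.sha256(selected).digest()
    elif mtype == 2:
        data = hashlib.sha512(selected).digest()
    else:
        raise ValueError("unsupported matching type")
    return bytes([usage, selector, mtype]) + data

def nsupdate_line(email: str, selected: bytes, ttl: int = 3600, **kw) -> str:
    """One-line 'update add' using RFC 3597 generic RDATA syntax."""
    rdata = smimea_rdata(selected, **kw)
    return (f"update add {smimea_owner(email)} {ttl} "
            f"TYPE{SMIMEA_TYPE} \\# {len(rdata)} {rdata.hex()}")

if __name__ == "__main__":
    # Constructed placeholder bytes standing in for a real DER certificate.
    fake_cert_der = b"constructed-sample-certificate"
    print(nsupdate_line("hugh@example.com", fake_cert_der))
```

A verifier would recompute the owner name from the claimed address, fetch the record over DNSSEC-validated DNS, and compare the association data with the certificate presented.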