If, instead of identifying services by some human-readable name, they are identified by their public keys, then we don't need certificates - there are several encrypted and authenticated transport protocols which only require knowledge of the destination's public key up front.
You then need an alternative name system which links a unique human-readable name to a public key. This is the trickier part (see Zooko's triangle), but there are some creative solutions like Namecoin and the Blockstack Name Service.
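The first point above, as an added example that is not part of the original text: when the service name is the public key itself, a client can authenticate the peer with a signed challenge and no certificate or CA. The base32 name encoding, the `svc-auth-v1` context label and all function names are assumptions made for this sketch, and it shows only the identity check, not channel encryption.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base32"
	"fmt"
)

var enc = base32.StdEncoding.WithPadding(base32.NoPadding)

// NewIdentity creates a service key pair; the name is just the encoded
// public key (constructed scheme, not a standard).
func NewIdentity() (string, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return enc.EncodeToString(pub), priv
}

// KeyFromName recovers the public key that a name commits to.
func KeyFromName(name string) (ed25519.PublicKey, error) {
	raw, err := enc.DecodeString(name)
	if err != nil || len(raw) != ed25519.PublicKeySize {
		return nil, fmt.Errorf("name is not an encoded Ed25519 public key")
	}
	return ed25519.PublicKey(raw), nil
}

// Respond is the service side: sign the client's fresh nonce, bound to the name.
func Respond(priv ed25519.PrivateKey, name string, nonce []byte) []byte {
	return ed25519.Sign(priv, append([]byte("svc-auth-v1|"+name+"|"), nonce...))
}

// Authenticate is the client side: its only trust input is the name itself.
func Authenticate(name string, nonce, sig []byte) error {
	pub, err := KeyFromName(name)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, append([]byte("svc-auth-v1|"+name+"|"), nonce...), sig) {
		return fmt.Errorf("peer does not hold the private key for this name")
	}
	return nil
}

func main() {
	name, priv := NewIdentity()
	nonce := make([]byte, 32)
	rand.Read(nonce)
	fmt.Println(name, Authenticate(name, nonce, Respond(priv, name, nonce)))
}
```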