undefined | Better HN

0 pointssln12y ago0 comments

Yes they do but 1) most people are more comfortable dealing with usernames compared to public keys, and 2) distributing the public keys themselves can be tricky if you don't already have a trusted connection set up (just look at past abuses of Certificate Authorities for examples of this).

0 comments

betterunix12y ago

I do not see how distributing keys is "tricky" in this context. If you do not know who you are communicating with, then a man in the middle attack works if the attack occurs during your first attempt to communicate (think SSH); this would seem to be true regardless of the existence of a ledger, since you need to figure out which username you want to communicate with. If you do know who you are communicating with, you can distribute keys offline (e.g. "contact me with $key") or establish keys via some existing communication channel (OTR, PGP, whatever), just as you would have to distribute your username offline or via another channel given the ledger.

So sure, I can grant people are more comfortable dealing with usernames than with public keys, but that sounds more like a UI problem than a technology problem. People are certainly capable of dealing with Tor hidden service addresses, and I suspect that is because they are already using a UI they know well (their web browser).

j / k navigate · click thread line to collapse

0 pointssln12y ago0 comments

0 comments

betterunix12y ago

j / k navigate · click thread line to collapse