by bawolff 2198 days ago
Handshake sounds exactly like namecoin, which has been here for a while. I guess it's trying to be better by not requiring all nodes to be full nodes or something. I feel like that is not the reason why namecoin failed.

As an aside, anyone else notice how it seems like all blockchain projects are annoyingly full of marketing speak, and talk in circles for the tech part? How hard is it to clearly and concisely list the technical goals and properties your solution has?

2 comments

Handshake took inspiration from predecessors like Namecoin but it’s very different. First is scope: Namecoin puts domain names on its blockchain under the .bit TLD whereas Handshake targets TLDs. It does so because Handshake aims to improve the security of TLS by shifting trust from CAs to its blockchain. The CA model is weak bc only a single CA among the thousands of CAs that your computer trusts needs to get compromised in order for your security to get compromised. And the likelihood of a single CA failure increases over time. That’s the opposite of what you want in a robust system.

With Handshake, certs can be pinned directly on the blockchain, which becomes more secure as more nodes join the network and across time as more blocks get mined on top of the pinned cert. This shifts the system from diminishing security to accumulating security. That’s the main innovation behind Handshake.

There are other differences in the issuance model as well. Namecoin’s issuance destined it for failure from day one since names are registered for a flat fee without restriction. This meant that squatters and early adopters could lock up the namespace without paying the true market price of the name. Handshake uses an auction system for name registration and releases the namespace over time (the release date is determined by hashing the name % 52), which means that names are registered for their true market price and newcomers can still register good names. This difference is critical and already playing out successfully — the highest auction was for 200k HNS, which is equivalent to $20k USD and 7/12 of the namespace is still unreleased.

So let me get this straight:

The main innovation of handshake is they reinvented DANE on the blockchain? Don't get me wrong, DANE in DNS has some issues, but how is that an improvement from namecoin? Are you saying namecoin is incapable of storing the hash of a certificate in its name records? I'd also bet the cost of a 51% attack on handshake is significantly less than the cost of hacking a CA. [Edit: after posting this I realize I'm not sure the 51% attack is a relevant attack here, since "double spending" isn't going to help someone pull off a MITM]

The other innovation is that, instead of scoping it so it doesn't conflict with the existing system, handshake directly conflicts with existing DNS names. I fail to see why that is a good thing.

I will admit the auction system is an interesting solution to the cybersquatting problem. I don't think it's what most people want out of a naming system (if I own microsoft, I want my domain to be microsoft.com, not to wait 10 years for it to be released), but it is an interesting solution.

If I buy a domain via auction on handshake for $20,000, who does that money go to?

It gets burned. The original Handshake developers seem very fond of both burning money and giving it away [1].

[1] https://handshake.org/grant-sponsors/

> How hard is it to clearly and concisely list the technical goals and properties your solution has?

Very? If you find https://handshake.org/ too marketing-y (I don't) perhaps you'll find the design notes more substantial: https://handshake.org/files/handshake.txt

You can also view it at http://handshake.txt if you are using a handshake resolver.

Spoiler: it's a redirect!