by mytailorisrich 2193 days ago
Handshake does not seem to try to solve the same problem as DoH, but rather somewhat what DNSSEC is solving.

DoH's point is mostly to hide DNS traffic. DNSSEC's point is to validate a DNS record all the way to root.

The benefits of Handshake over existing solutions are unclear to me.

2 comments

The root of trust for DNSSEC is a key that's stored and controlled by people, and needs to go through routine key signing ceremonies. This is fallible and even recently there have been issues with the key signing ceremony https://www.icann.org/news/blog/root-key-signing-key-ceremon.... One could argue that this system works "good enough" but ultimately I'd prefer the root of trust for security on the internet to be more robust than relying on humans to avoid error. That's what Handshake is trying to do — instead of using a key in a physical vault as the root of trust, you use a distributed blockchain that's very difficult to break.

It's also relevant to note that 51% attacks to most payment/store-of-value blockchains like Bitcoin, but for Handshake 51% attacks don't really affect the security of the network because an attacker would need to get the private keys for a name in order to attack its certificate.

Handshake is more of a solution to a political/governance problem than a technical one.