[sadpluto]

Does your decentralized ideal apply to the whole Internet, or just TLD signing and such? In other words, do you believe we'd be better off without a DNS root zone? I know there's Freenet, so I guess another question is whether you think that shift could ever become mainstream.

If so, I'd love a reply.

If not, I'd love a reply. And! And then... this DANE shift would not be such a bad thing, right? You have the hierarchy anyway, so why not have the option of securely publishing [1] your public keys. By the time you have registered your domain and paid all your fees, you might as well!

As for the potentially insecure signing of some TLDs, isn't it partly due to the decentralized nature of the ccTLDs? From a security perspective people may have to learn to trust more .com domains with a green lock than, say, .ly.

[1] I'm purposely using this loaded term, as I'm full of doubt and confusion, hoping to provoke the master and get more thoughts! Refer, for instance, to my TL comment in this thread.