[beagle3]

The "global CA" model is bust. How it was ever considered usable is beyond me, but we now have more than a decade of experience seeing just how bad it is. It is utterly, fundamentally broken and easily subverted by state actors.

For now, the only reasonably usable secure key exchange method seems to be what WhisperSystems are doing on their phone app (safe against MITM if the parties know each other, and very hard to MITM even if not - especially not automatically).

[aianus]

What's wrong with blockchain based solutions like namecoin?

[beagle3]

If I understand correctly, namecoin is a distributed DNS replacement. Is there a way it addresses impersonation (e.g. MITM?), if so, can you please point me at documentation?

DNS does not address it, and even DNSSEC does not (if you can forge the certificate, and you can mitm the traffic - which state actors are all capable of - then it doesn't matter that you can't forge the DNS response itself).

[aianus]

You can place your own self-signed public key in your namecoin record. There is no longer any need for certificate authorities which can be coerced into forging certificates.

[beagle3]

Well, if this is properly supported by software using namecoin for DNS resolution, then - yes, this may work. The proof of the pudding, however, will arrive once it's eaten. I am not familiar with namecoin to point where the potential problems are, but do note that the failure of CAs is not in the cryptography but rather in the trust model. In modern cryptography, the problems are almost always with the practice, not with the theory.

[rakoo]

> software using namecoin for DNS resolution

Actually, it should be the other way around: dnschain [0] bridges DNS resolution and namecoin, so there's no need to modify existing software.

[0] https://github.com/okTurtles/dnschain

[beagle3]

Cool! wasn't aware of it.