There's a blockchain project for everything these days, so there's also a blockchain project for TLDs: https://handshake.org/
If we had DNSSEC and DANE support in browsers, it would solve the security problems stemming from certificate authorities being able to issue certificates for any domain they like. Handshake would enable people to actually own their domains and bypass the CAs altogether.
NextDNS has native support for Handshake domains, I started using NextDNS (because it's fantastic in its own right) and I can resolve Handshake domains "for free" (with no other configuration).
It would solve that problem by allowing governments to directly issue certificates for every domain under their TLD, while not actually preventing CAs from doing anything (see Adam Langley's post for why), all the while allowing this weird blockchain project to monetize its own quirky version of the DNS. I don't understand why this project is taken seriously.
> It would solve that problem by allowing governments to directly issue certificates for every domain under their TLD, while not actually preventing CAs from doing anything (see Adam Langley's post for why)
Definitely a valid point - DNSSEC and DANE are incomplete without Handshake [1].
> quirky version of the DNS
It's the same DNS, simply the root was decentralized from ICANN to the commons.
> I don't understand why this project is taken seriously.
The reason the project is taken so seriously by so many is because the project improves our internet by improving security [2] and gives ownership of the internet back to the people where it originated, and where it belongs [3].
"monetized private blockchain thingy" is a gross misrepresentation of the project. Please read the design notes [1] before making any assumptions, sir!
Rather than being a 'blockchain' project, Handshake is a project that makes use of blockchain technology to solve a real problem that the world has been trying to solve for some time [2].
Is this just someone stealing the Handshake project's name, or does the Handshake project really believe that a piece of Internet infrastructure will be run off a trading cryptocurrency --- and, not just that, but their trading cryptocurrency?
Thomas, I also highly respect you. While you're not wrong in anything you write, you're doing the conversation a disservice by not reading the design notes [1].
Perhaps if you're really short on time (aren't we all?), you might at least find it amusing that the Handshake developers took $10 million of VC money and donated it to Free and Open Source foundations [2]. That was actual cash donated, not just magical internet money.
In exchange for that money, Handshake appears to want the Internet to donate something of great value (authority over the DNS) so Handshake can sell it back to them.
It doesn't even matter what I think about this design. Speaking positively, not normatively: this is never going to happen. Everyone from billion dollar corporations to academic research labs to inexplicably influential Internet curmudgeons working out of basements will recoil from this.
Do you think the current system is just fine? If yes, what are your thoughts on the recent ICANN controversies? If not, what are the better alternatives?
Pro-tip: Handshake coins can be exchanged for US dollars or Bitcoin on the Namebase exchange. This is a great time to HODL and use your airdrop to bid on available Handshake domain names. As the adoption of HNS and Handshake domains increases, we are likely to see the value of both these assets increase over time. As early airdrop recipients, you are the best advocates and builders of Handshake.
Yeah this seems super legit. Can I do it too? I'd like to blockchain ARP. I'll pre-distribute my ARPCoins to open source developers, so it'll be totally above board. Down with the IEEE Registration Authority! Up with the people!
I wasn't sure where that quote came from, but Google helped out. It appears you're trying to misrepresent text from an exchange's website as somehow being representative of the Handshake community.
The vast majority of the handshake community has no affiliation with Namebase, but I definitely recommend Namebase for people who are not comfortable managing their private keys.
Your comment is analagous with taking a comment from the Microsoft website about GNU/Linux.
On another note, Thomas, I would like to point out that you have chosen to be outspoken in the community, so I would like to strongly suggest you do so in a more constructive manner.
I think you're being too dismissive of my plan. It's at least theoretically possible to use the Internet without the DNS. But just try using it without ARP!
Nobody is reading this thread besides us at this point, so maybe should just tie it off here, or with your reply. All the best!
>I think you're being too dismissive of my plan. It's at least theoretically possible to use the Internet without the DNS. But just try using it without ARP!
>Nobody is reading this thread besides us at this point, so maybe should just tie it off here, or with your reply. All the best!
Again, sir, I urge you to read the design notes [1] as it will answer many of your questions and uncertainties around this project. That said, you are someone I respect to the highest levels possible, so I sincerely appreciate the comments and criticisms shared thus far and earnestly hope that your participation will continue!
With that aside, to answer your question regarding monetized/cryptocurrency, here is an excerpt from the notes and there are far more details that can be found therein:
A blockchain is proposed which optimizes for correcting prior weaknesses around
acknowledging stakeholders such as existing top-level domain (TLD) holders and
optimizes for decentralization (while still allowing for n-of-m attestations).
Users use the native token (coin) to register TLDs which are pinned to a
specific certificate as the identity. A committed merkelized proof of all
top-level names allow for compact, shareable inclusion and exclusion proofs.
This blockchain exists to attempt to resolve the need for a globally unique
namespace which is necessary to have an association with unique names and
certificates. While it's possible to create a singular centralized globally
unique association (DNSSEC), a decentralized system can be resolved by creating
a blockchain with its own cryptoeconomic incentives (coin), including name
auctions of a unique namespace and block creation. Scarce resources require
sybil protection, usually managed by a central trusted authority (CAs, ICANN),
but can be resolved by having a blockchain based mechanism for global consensus
and resource allocation.
Is Handshake based on a cryptocurrency coin? Does that coin trade on coin markets? Are there early backers and investors?
If so: it's a dead project. I don't know why anyone would take it seriously. I'm skeptical of the entire model for any application. But for Internet infrastructure? Never going to happen.
> Is Handshake based on a cryptocurrency coin? Does that coin trade on coin markets? Are there early backers and investors?
Handshake is based on the ideal that the internet belongs to the people.
> If so: it's a dead project. I don't know why anyone would take it seriously. I'm skeptical of the entire model for any application. But for Internet infrastructure? Never going to happen.
People will always strive for better. I believe it will be Handshake, but if not, something else will come. People find a way, that's how we all got here today. This very thread itself is proof that the current system doesn't fulfill the wishes of humanity and there is a need for change.
If you believe Handshake has faults, let's all work together and improve it!
> Sure. Step 1: lose the speculative cryptocurrency.
The step seemed like it lacked any understanding of the mechanism design of handshake, and I realized it's because we skipped a step here. I like to start my count with 0:
Step 0: Please read the design notes document. Let's be constructive here.
Later:
In all seriousness, though, I urge you to read and understand how Handshake works and how different it is from these other 'cryptocurrency' projects that I am (and I'm sure many in the hn community) on the exact same page as you about. I trust you'll see why the community is moving in this direction.
Later 2:
Just incase you don't read the paper, the coin, and auction process, helps prevent sybil attacks among other things.
I could launch a DNS replacement project where users registered a domain name by coming to my house and handing me $1,000 in cash. It would be accurate for me to say that the “come visit me with cash” approach prevented botnet-based brute forcing, among other things. It would also be accurate for an observer to point out that my project has a crucial flaw for replacing DNS.
It’s clear you believe the usage of blockchain technology in Handshake is justified. But throughout this thread, whenever the question of ~“is your project backed by a cryptocurrency which is traded speculatively” has been posed, you’ve dodged answering it outright.
If you read closely, I did not dodge but instead suggested reading the design notes. It’s not worth arguing a point with someone who lacks the understanding of something. Once I realized that this was simply bias and the thread was attacks rather than sincerity, I answered directly.
Later:
My first response [1] included a direct answer pasted from the design notes - and it’s very clesr. Unfortunately, it won’t help if you don’t know what a Sybil Attack is. I incorrectly assumed that was basic knowledge in 2020 for anyone on Hacker News [2].
When somebody says ~“is this true” and you say ~“read the docs”, you’re dodging the question. It’s a pretty fair assumption that `tptacek and I are familiar with the docs and the concept of a Sybil attack. Even if we weren’t, you could just as easily say “Yes, the design of Handsake is based around a cryptocurrency, and our implementation involves speculation. For more info, you may want to check out the docs <here>.”
Instead, you’re deflecting by insinuating that we haven’t read the spec, and thus refusing to answer the question we’re posing to you.
If you're saying A) I ignored the cryptocurrency, unfortunately you are wrong.
If you're saying B) I didn't explain to you what a sybil attack is, you're right, albeit I did provide a link.
In a global unique namespace that has no centralized control, there needs to be constraints and scarcity built into the system itself in order to prevent someone from launching a "sybil attack" which, in this context, means someone could register a trillion names without anything stopping them. By introducing a coin that in itself is a limited resource and including an auction process, essentially, there are a limited number of names since there are a limited number of coins, and, in addition, the auction process itself helps to prevent someone from getting a lot of coins and registering many names.
This explanation really just touches the surface as all the intricacies of the architecture are better detailed in full, in our project design notes [1] as I have continued to urge you to read.
If we had DNSSEC and DANE support in browsers, it would solve the security problems stemming from certificate authorities being able to issue certificates for any domain they like. Handshake would enable people to actually own their domains and bypass the CAs altogether.