Comment on Can we make federation less dependent on domain names?
gammaray@sh.itjust.works 1 day agoI was also considering something along the lines of option 3. I’m not sure of a foolproof solution, even DNS has the potential for imposters and being revoked.
lambalicious@lemmy.sdf.org 1 day ago
Yeah, the weakness of SSL is basically the same as the weakness of DNS: that someone can remotely impersonate you or revoke your identity. But there is a major difference: DNS is designed so that your identity is taken away as part of the system: you can not ever declare your identity yourself, you have to rent it from an external entity controlled by corporate, government or both. Whereas in SSL if your identity is taken away for the most part it’s purely your fault (only you should be having your private keys).