Re: [therightkey] DNSNMC deprecates Certificate Authorities and fixes HTTPS security

Ali-Reza Anghaie <> Sat, 14 December 2013 19:25 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 783CB1AE28F for <>; Sat, 14 Dec 2013 11:25:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.168
X-Spam-Status: No, score=-1.168 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, FM_FORGED_GMAIL=0.622, LOTS_OF_MONEY=0.001, SPF_PASS=-0.001, T_DKIM_INVALID=0.01] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id ah-7_h-KuFqb for <>; Sat, 14 Dec 2013 11:25:14 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:400e:c02::229]) by (Postfix) with ESMTP id F07DB1ADFF7 for <>; Sat, 14 Dec 2013 11:25:13 -0800 (PST)
Received: by with SMTP id v10so3774301pde.28 for <>; Sat, 14 Dec 2013 11:25:06 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=unuPujs1x3QnSZZmUW82C97zO1JGBPtWpMNAJosWv6E=; b=Pd9H3XwwY6GN5RIxd6MKksGrXuXST8SOys/YXO764D4P7hH1rxNVqUjMuDK9NFRGsw kEqM7UBhfrsdWJJgtcNps9+ZuUSSFljTMc34Im9iuRIpHrdl5VvgrV696lMpIIV3JiBb QQo65NoGIAIwJADAxwi8lsY/Onyr+GGWpdbfc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=unuPujs1x3QnSZZmUW82C97zO1JGBPtWpMNAJosWv6E=; b=S7OmR7qf3ZOze4LqDrCtDbfGz1Dg7N8lhNU6pRDiTqxO+ARRn3vrfV/TLSzHQJU2dn u/4SeBa99TjFzekUe8Ld5mtBhKk48OidwSTtLDiOZ9okAne7WeZT8PiCgsM0aqh0swVH Ev6SNuKcweRrPvSSqrjQWzp89YIjYSpFgCixcTKVGXLC4K+CRLQYdo1ELABqUSijlAod xH6Yrk5pzBUdhSdobIapz5O9cGwX3LD5w1m7WnW3LC1fobDAXQvm9RVuBzshinV4BnT9 T0nOdEazvgMArN5ByMssZDNRSAlclvWMCAXH98J/A7Fv0le5EFoCDWag3R9VHs16/9YX M6Vw==
X-Gm-Message-State: ALoCoQkXijLtlSF/SoUb0i2AsyA8DUO23BJCITOBzAY2Uxq/Z1PfgnXdcuwuthIXwQpHv4UNgjiO
MIME-Version: 1.0
X-Received: by with SMTP id hq3mr10822365pad.132.1387049106218; Sat, 14 Dec 2013 11:25:06 -0800 (PST)
Received: by with HTTP; Sat, 14 Dec 2013 11:25:06 -0800 (PST)
In-Reply-To: <>
References: <> <>
Date: Sat, 14 Dec 2013 14:25:06 -0500
Message-ID: <>
From: Ali-Reza Anghaie <>
To: "" <>
Content-Type: text/plain; charset=ISO-8859-1
Subject: Re: [therightkey] DNSNMC deprecates Certificate Authorities and fixes HTTPS security
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sat, 14 Dec 2013 19:25:25 -0000

On Sat, Dec 14, 2013 at 12:51 PM, Phillip Hallam-Baker <> wrote:
> Given the success of the US government in shutting down eGold type schemes I
> am very skeptical about the stability of 'namecoin'. If we accept the
> purported scenarios that motivate the scheme then namecoin won't last very
> long.

Aside from the tactful / lack thereof issues in the delivery - this is
a key point not addressed in the proposal. Adoption requires not only
a State unwilling to quash it but ISPs and other providers willing to
support it. This isn't just a US issue, it's quite prevalent an issue
in every moderately to well connected State.

I see nothing in this proposal as of now that I could see any major
provider getting behind in a major way.

> The fact that BitCoin has survived this long is rather surprising. We have
> already seen a huge robbery of over $200 million in bitcoin (from a drug
> dealer). And now we have people trying to de-anonymize the system to stop
> the coins being spent (!)

I'm not sure I agree here - I think it has a lot of believers but also
as importantly it has a lot of power brokers perfectly happy to let it
thrive in the niche area where it can be corralled into easily
identified groups. This tactic will fail the State with other Bitcoin
derivatives but the initial runup (which we're still in) somewhat
reflects a normal permissive environment with the hopes of
criminalization benefits to the State.