Blockchain point to signed username request in DHT?

[cjb]

As suggested by dominictarr -- this has the advantage that you can't register a username on behalf of someone else, but a disadvantage that the blockchain isn't sufficient by itself to create the user database.

Oh! Maybe we just add the "username" into the user profile. That's already signed.

[pdaian]

I don't see an issue with being able to register usernames for others. You can do this in DNS (point to their host), e-mail (create a forwarder to their address), and most other protocols that have name resolution of some sort. The blockchain-based usernames are a huge part of what attracted me to this project, and I would like to be able to construct the full user database from the blockchain alone.

What you can put in the DHT is perhaps a list of usernames that are "official". So the lookup of the mutable key happens via the blockchain, and then gittorrent confirms that the repo you are cloning is indeed through an official URL. This would help against attacks in the future whereby I register a username for a third party, and update the resolution to one of my own mutable keys, deploying malicious keys to users who are using my username as their remote. I assume updating username/key pairs is a planned feature (through for example using the same BTC address to create another user transaction).

If the policy is simply specified permanently as "use the oldest transaction", I don't see the need for such additions though.