Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Delist OpenNIC & NameCoin #1273
While OpenNIC and Namecoin allow private domain registration, I am let to understand that they cannot get SSL certificates, that are globally recognised as valid, due to their nature as an alternative to ICANN managed DNS.
If I am correct, this results to them either not having https/TLS at all or teaching users to blindly accept any SSL certificates, either announcing in plaintext to any network listener (or Tor exit node) what they are doing or leaving them vulnarable to MITM attackers. Thus I don't consider them as private.
Deploy preview for privacytools-io ready!
Built with commit caea706
It appears that I am not entirely correct in case of Namecoin judging by https://wiki.namecoin.org/index.php?title=Domain_Name_Specification#TLS_support, however
I think installing root certificates is dangerous as those have leaked in the past and probably will also in the future.
Sep 7, 2019
3 of 6 checks passed
While this was already merged, another argument I happened to thought of against Namecoin is that I have heard them often encouraging DNS servers that are capable of resolving Namecoin domains, and I understand that in that case there wouldn't even be the root CA installed resulting to security issues.