Ah I understand now. Yes, this is similar to what I'm talking about, but not identical.biolizard89 wrote:Run an nmcontrol instance on a non-localhost server which you trust, and enter its host/port in the Convergence for Namecoin settings. How is that not what you were talking about?sugarpuff wrote:Sorry, don't think I understand, could you clarify what you mean by "what you're talking about"? How is changing the port what I'm talking about?biolizard89 wrote:Convergence for Namecoin will soon support using an nmcontrol instance that isn't running on the default host/port. This basically does what you're talking about. It should be emphasized that this should only be used with servers that you trust with the technical capacity to hijack, censor, and surveil all of your Firefox .bit traffic.
My interest is in avoiding novel client software as much as possible, and that includes browser extensions. I agree that there is a possible necessity at this present time (hopefully not in the future) for a browser extension. It may be necessary for preventing scary warnings.
One possible method to avoid mandating an extension would be to utilize that wonderful "feature" in the existing PKI system whereby browsers trust a bunch of CAs, and simply obtain one of their private keys (through legal means) and use it to manufacture certs on behalf of authenticated .bit domains (and possibly others). This might not be realistic though, and is certainly not meant as any sort of long-term solution (the goal is to get rid of CAs, after all).
I'm not aware of any reason why they can't get good security/privacy (feel free to enlighten me).biolizard89 wrote:Chrome users simply cannot obtain good security/privacy due to problems with Chrome and Google. This is not something that I can fix. As a result, I don't have much interest in working on Chrome. If someone else wants to implement something like Convergence for Namecoin on Chrome, they're welcome to do so, but they'll be wasting their time in the sense of achieving strong security/privacy.
My personal goal is to replace the CA/PKI system with something infinitely superior, and to protect as many internet users as possible (without discrimination). Would you be interested in collaborating? If so, do you have a GPG key somewhere?
[phelix: title edited]