Yes, it is possible for a 3rd-party server to return Namecoin blockchain data in a trust-free manner, without the clients storing the blockchain. This however cannot be done with the DNS protocol as it currently exists. There are plans to make "lite clients" for Namecoin which don't require downloading the blockchain but are still able to provably return correct results, but by their nature they require some kind of verification algorithm on the client side. In other words, an ISP can't just "turn on" this feature for their DNS and have it be safe -- the user needs to be running some kind of software that verifies it. This can be extremely lightweight -- no blockchain download delay, and should be easy to include in a Firefox extension, for example.jprider63 wrote:Please fill me in. I am not trolling. I am genuinely interested in how Namecoin can make the internet more secure and decentralized.
Also, it is still possible for an untrusted entity to store and provide information in a cryptographically verified manner. Have you heard of authenticated data structures?
The big problem with allowing a commercial entity to control the .bit TLD is that users who access a .bit domain will be unable to tell whether it has been authenticated, because using a generic DNS server to relay that information does not verify authenticity. And if you think that governments won't try to pressure that entity to censor or hijack domains, I think your trust is misplaced. It is extremely easy to hide malicious behavior from audits, e.g. the DNS server could choose to only hijack entries for particular client IP's. Meanwhile, if you do discover that the commercial DNS server is behaving maliciously, what is your recourse? Stop using .bit? Convince the masses to abandon the server by changing default settings?
(Also, sorry if I sounded harsh in my previous post.)