Hey Mozillians, I have a suggestion for drastically improving Internet security (and thus privacy), would this be the right place to share it?
I’d like to suggest an opt-in browser integration for something called Handshake (it’s called Handshake because TLS “Handshake” lol).
Handshake makes it possible for anyone to verify TLS authenticity by shifting the root of trust from Certificate Authorities to a cryptographically backed distributed root of trust: the Handshake blockchain. Normally it only takes a single bad Certificate Authority to compromise Internet security, but to compromise the security of a Handshake name would require the entire Handshake blockchain to get compromised. https://www.namebase.io/blog/meet-handshake-decentralizing-dns-to-improve-the-security-of-the-internet
It takes about 6 hours worth of block confirmations to update the DNS records of a Handshake name, which means it would require at least 6 hours worth of hash power to undo any update. In other words, Handshake DNS records are super secure. https://hsd-dev.org/guides/protocol.html
Not relevant to security anymore but DNS resolution is made significantly faster too because the root records are stored right in everyone’s local storage (it only uses about 12mb of memory when operating with a full DNS cache). https://github.com/handshake-org/hnsd
An integration would also make the Internet more free by enabling anyone — not just the ultra wealthy or corporations — to get a top-level domain. For context, ICANN currently charges $200k just to review a single TLD application. Handshake soft forks the root layer of DNS while remaining backwards compatible with the existing ICANN root. https://github.com/handshake-org/hs-names
What does the process of integrating Handshake into a Mozillian browser look like? Maybe Pale Moon, SeaMonkey, or dare I say Firefox? Would love to hear what y’all thought about this too. Thanks!