Hacker News new | past | comments | ask | show | jobs | submit login

There are a number of efforts to secure DNS (and SSL/TLS which generally depends upon DNS; and upon which DNS-over-HTTPS depends) and the identity proof systems which are used for record-change authentication and authorization.

Domain registrars can and SHOULD implement multi-factor authentication. https://en.wikipedia.org/wiki/Multi-factor_authentication

Are there domain registrars that support FIDO/U2F or the new W3C WebAuthn spec? https://en.wikipedia.org/wiki/WebAuthn

Credentials and blockchains (and biometrics): https://gist.github.com/westurner/4345987bb29fca700f52163c33...

DNSSEC: https://en.wikipedia.org/wiki/Domain_Name_System_Security_Ex...

ACME / LetsEncrypt certs expire after 3 months (*) and require various proofs of domain ownership: https://en.wikipedia.org/wiki/Automated_Certificate_Manageme...

Certificate Transparency: https://en.wikipedia.org/wiki/Certificate_Transparency

Certs on the Blockchain: "Can we merge Certificate Transparency with blockchain?" https://news.ycombinator.com/item?id=18961724

Namecoin (decentralized blockchain DNS): https://en.wikipedia.org/wiki/Namecoin

DNSCrypt: https://en.wikipedia.org/wiki/DNSCrypt

DNS over HTTPS: https://en.wikipedia.org/wiki/DNS_over_HTTPS

DNS over TLS: https://en.wikipedia.org/wiki/DNS_over_TLS

DNS: https://en.wikipedia.org/wiki/Domain_Name_System




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: