This isn't really relevant to MediaWiki, and the proposal is so ridiculous
I can only assume it is some sort of joke project.
For others seeing this thread, I found all the good quotes for you:
DNSChain "stops the NSA"
.dns is a meta-TLD because unlike traditional TLDs, it
is not meant to
globally resolve to a specific IP [...] you cannot register a
meta-TLD
because you already own them!
I think ICANN might take issue with that. (Also, a good read of RFC 3686 is
necessary here.)
// hijack and record all HTTPS communications to this
site
function do_TLS_MITM(connection) {
if (
// let's not get caught by "pinning", shall we?
isPinnedSite(connection.website, connection.userAgent)
// never hijack those EFF nuisances, they're annoying
|| isOnBlacklist(connection.ip)
// hijack only 5% of connections to avoid detection
|| randomIntBetween(1, 100) > 5
)
{
return false;
}
return mitm_and_store_in_database(connection);
}
I'd *love* to see the implementation of "mitm_and_store_in_database".
Also, fun to note that the entire application is written in CoffeeScript.
*-- *
*Tyler Romeo*
Stevens Institute of Technology, Class of 2016
Major in Computer Science
On Wed, Apr 30, 2014 at 1:41 AM, James Salsman <jsalsman(a)gmail.com> wrote:
Would someone please review this DNS proposal for
secure HTTPS?
https://github.com/okTurtles/dnschain
http://okturtles.com/other/dnschain_okturtles_overview.pdf
http://okturtles.com/
It is new but it appears to be the most correct secure DNS solution for
HTTPS security at present. Thank you.
Best regards,
James Salsman
_______________________________________________
Wikitech-l mailing list
Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l