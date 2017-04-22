DNSChain

There is a problem with how the Internet works today:

HTTPS is not secure. Like most "secure" communications protocols, it is susceptible to undetectable public-key substitution MITM-attacks (example: Apple iMessages).

Netizens do not own their online identities. We either borrow them from companies like twitter, or rent then from organizations like ICANN.

These problems arise out of two core Internet protocols: DNS and X.509.

DNSChain offers a free and secure decentralized alternative while remaining backwards compatible with traditional DNS.

It compares favorably to the alternatives, and provides the following features: ︎

⭐ See Also: Comparison and Security Model

⭐ April 21, 2017: Comparison of DPKI to CONIKS, Key Transparency, Certificate Transparency

Documentation

DNSChain replaces X.509 PKI with the blockchain

MITM-proof authentication

Simple and secure GPG key distribution

Secure, MITM-proof RESTful API to blockchains

Free SSL certificates become possible

Prevents DDoS attacks

Certificate revocation that actually works

DNS-based censorship circumvention

Other features: testing suite, rate-limiting, and caching

Free public DNSChain servers

Access blockchain domains like okturtles.bit

Registering blockchain domains and identities

Encrypt communications end-to-end without relying on untrustworthy third-parties

Unblock censored websites (coming soon!)

And more!

Requirements

Getting Started

Configuration

Guide: Setting up a DNSChain server with Namecoin and PowerDNS

Coming Soon: securing HTTPS websites with DNSChain.

Securing Your Apps With DNSChain

Contributing to DNSChain development

Adding support for your favorite blockchain

Running Tests

Community

Other Resources

📺 Watch

🔈 Listen

📄 Read

Have a link? Let us know!

Contributors

Approximate chronological order.

Release History

Blog post for 0.5 release.

0.5.3 - September 5, 2015

New Features: Optional CORS support from Michael Bumann (thanks!).

Improvements: Bumped hiredis to 0.4.1 for latest iojs compat.



0.5.2 - March 11, 2015

Improvements: Includes tests for verifying NXT support Added superagent for simpler HTTP requests Moved dnsHandler into blockchain.coffee template class Prevent favicon.ico requests from filling logs Improved Comparisons.md documentation Misc. code and logging improvements

Fixes: #138: Nxt resolver not working #140: Prevent non-json values in Namecoin from returning "Not found" #141: Allow arbitrary namecoin keys, but enforce ICANN domain rules for for d/ #142 + #120: Make it less likely Travis will fail



Copyright (c) okTurtles Foundation. Licensed under MPL-2.0 license.