[cap-talk] What is the implementation status of yurls?
James A. Donald
jamesd at echeque.com
Fri Mar 4 16:40:43 PST 2011
>> (b) when i tried
sha-256-hl6w2x74ixy6pi5n.yurl.net looks like a yurl
Now if yurls were really implemented, then when the browser attempted to
httpy://sha-256-hl6w2x74ixy6pi5n.somedomain, what would happen is that
it would get the network address, and upon contacting the domain,
receive a public key and a rule endorsing that public key, whose sha-256
has was hl6w2x74ixy6pi5n, and from this information, together with the
information in its request, construct a shared secret,
used to encrypt subsequent communications.
This would have the considerable advantage that since no intermediate
trusted authorities are involved, the user would not see complicated
mystery error messages and would not be trained to click through those
mystery error messages, nor would the authorities be able to mim
websites by suborning one of innumerable certificate authorities that no
one has ever heard of.
That this looks like yurl implies that something is implemented, though
I suspect considerably less than a full yurl implementation. What is
actually implemented and working today?
More information about the cap-talk