[cap-talk] What is the implementation status of yurls?

James A. Donald jamesd at echeque.com
Fri Mar 4 16:40:43 PST 2011


>> (b) when i tried
>> https://sha-256-hl6w2x74ixy6pi5n.yurl.net:4445/-/tutbucks/#s=ashzre7yp5wauo

sha-256-hl6w2x74ixy6pi5n.yurl.net  looks like a yurl

Now if yurls were really implemented, then when the browser attempted to 
access
httpy://sha-256-hl6w2x74ixy6pi5n.somedomain, what would happen is that 
it would get the network address, and upon contacting the domain, 
receive a public key and a rule endorsing that public key, whose sha-256 
has was hl6w2x74ixy6pi5n, and from this information, together with the 
information in its request, construct a shared secret,
used to encrypt subsequent communications.

This would have the considerable advantage that since no intermediate 
trusted authorities are involved, the user would not see complicated 
mystery error messages and would not be trained to click through those 
mystery error messages, nor would the authorities be able to mim 
websites by suborning one of innumerable certificate authorities that no 
one has ever heard of.

That this looks like yurl implies that something is implemented, though 
I suspect considerably less than a full yurl implementation.  What is 
actually implemented and working today?


More information about the cap-talk mailing list