>I disagree with the concept by the way – owning a domain in the DNS system and running a validator are not linked in any way nor should they be.
Tell me, which of these three validators is operated by Banhof? No cheating and looking at charts…
I agree that a domain shouldn’t be a _prerequisite_ for operating a validator, and it **isn’t**. But we need **some** kind of identifier in a common “regulated” namespace that we all share that allows us to assign and group validators by human-readable and human-relevant names. Right now, I can think of only two such identifiers:
1. a domain name, which is what we are using; or
2. an email address.
Between the two, I think the domain name is preferable for a number of reasons. It’s possible there are better options, and if you know of any then by all means… let’s hear them.
>Lastly, there is no verifiable proof attached to domain ownership in this format.
Right now, given a published list, the only way to associate a validator public key with an identifier is by visiting a website; this is a pain. Additionally, the data that website reports is not signed in an way.
This change actually improves things: the publisher is attesting that a given validator corresponds to a particular domain and _cryptographically signs that statement_; if the publisher of the list lies, there will be cryptographic proof of that lie and we can all decide what to do moving forward.
It doesn’t get us to the point of users being able to independently verify the domain by posting a signature or other cryptographic proof that binds the domain and the validator together, but that is something we _are_ working on.
We are working on a way to allow people to independently verify the domain (by posting the signature) but in the mean time, I see this as a net win.
This post was last modified on July 7, 2018, 1:26 am