Remove ToxDNS and related stuff from toxcore #1491
Comments
|
@ovalseven8 once it can be replaced with something better. |
|
I'm not sure whether that justifies to keep it in toxcore. |
|
@GrayHatter you don't think HTTPS lookups are better than DNS? |
|
whats the benefit of https over dns? (assuming dnssec is supported for security) |
|
Https is inherently more secure, because it's been built to be secure. @subliun no, I think https is also broken. But you know that so stop
|
|
@cebe https is encrypted, dnssec isn't. @GrayHatter In what way to you feel https is broken? |
|
Https was better because it'd be easier for anyone to create/run a resolve
|
|
@GrayHatter why can't you only trust specific certificates? Just because web browsers have a comprehensive list of certificate authorities doesn't have to mean Tox has to use the same list, it could use a much more narrow one. No matter what type of encryption and digital signature you're going to you, you will have to trust some signing authority, whether it's built into the client or external. |
|
@LuccoJ because defining your own cert list is much harder than using the existing on built into the OS, and as I said HTTPS was supposed to be easy. But if you're doing that, why not DNS? Right, but a huge part of tox is to be trustless (just ask @JFreegman ). I'm fine with trust, but I'm not fine with trusting every TLA. So if we want to be the IM client that protects its users, why HTTPS? |
This will be a problem with any centralized (or even federated) naming system: trustlessness will be impossible. The only real alternative (and I do wish this was pursued) is to use a distributed system, such as for instance the most obvious choice of basing it on namecoin. |
|
I'm fine with trust. I'm not fine with trusting [your TLA here] I'm fine with distributed, centralized, decentralized and federated. I'm not fine with a blockchain. |
|
You seem to be fine with a few things that the Tox project at least originally was not. Personally I hope it stays the original way. Anyway http://perspectives-project.org/ offers a peer-based HTTPS solution that doesn't use CAs; it may be of interest. |
|
@LuccoJ have you read every line of code in toxcore? And then every line in the client that you use? Then you're already using trust. You use github, and I assume IRC, so you've also fine with both decentralized and centralized systems as well. What exactly do you think I'm fine with that's in opposition to the original idea of Toxcore? |
|
I'm using distributed trust when I use toxcore, because even though I haven't read every line of code in the client I use, it is possible for everyone to scrutinize it, and it's possible for anyone to blow the whistle if they see a problem. I use GitHub and IRC but that doesn't mean I'm "fine" with them. IRC is pretty much terrible both in terms of reliability and security, whether or not you use it in a centralized way (freenode-style) or in a federated way (like most other networks). The reason I'm interested in Tox is because it is different and hopefully in most ways better than this sort of legacy, not because it's more of the same. I'm also interested in many other distributed systems, of which there is a long list at https://github.com/redecentralize/alternative-internet |
|
Right, but that was my point. I'm fine with them as long as they are the right tool for the job. And github can do anything it likes, because if they do anything shady, FOSS will jump ship. Once that happens github will stop existing. Meanwhile, they can't do anything directly with code because git is very resistant to that. Just like Toxcore is and should be. If you're using toxme.io, or register.utox.org, you're already using centralized systems. With the requirement that you trust them. Trust, and centralized systems aren't bad. Just easy to abuse. |
|
@GrayHatter so can dns be removed from core now? |
|
Yes |
|
@JFreegman \o/ |
Hello,
as far as I know, there's the consensus that toxcore should remove ToxDNS at all.
In general, the goal of toxcore is to provide a lighweight, reliable and secure codebase for the clients. The current solution with ToxDNS isn't both secure and decentralized.
Moreover, to use Tox IDs is not such a problem as it probably seems in my opinion. Nonetheless, the clients can of course implement HTTPS lookup services - but that's something that shouldn't be in toxcore.
Are there any plans when to remove ToxDNS and all the related stuff from toxcore?
The text was updated successfully, but these errors were encountered: