undefined | Better HN

0 pointsmaccard3y ago0 comments

> Like I said to someone else, the real answer is to not sign documents that are wrong.

If "don't make mistakes" was a viable solution, we just wouldn't have a whole family of problems.

> you probably should include a timestamp, an expiration for the key, a hash of the previous message so people can tell what is supposed to supercede what, etc.

An expiration for your current key doesn't _really_ help the problem of "I don't know where to get the next key from". A blockchain _in theory_ formalises the "disseminate your public key through this accessible place" (which you've defined as twitter, I might define as a CA registry that comes with browser and someone else might define as a blockchain), but this solution doesn't actually solve the problem of "the public key is different, which one do I use?" which _is_ what a blockchain does, except in reality, it's useless because when these things diverge you almost certainly look elsewhere for trust.

0 comments

pclmulqdq3y ago

By the way, this chain of documents with precise information is a blockchain in itself. You don't need another one. Particularly not for disseminating information, where it doesn't really solve any problems. Publish those documents wherever you want, and include the appropriate information so that they are not wrong. That's a blockchain.

I will add that "don't make stupid mistakes" is a key tenet of cryptography in general - and blockchains in specific.

kuramitropolis3y ago

>Publish those documents wherever you want

And where would one publish such documents, so that they would not be under the control of any single party?

pclmulqdq3y ago

I publish them somewhere I have control, like my website, and ask archiving services to archive that page. I don't need them to be under nobody's control.

If someone compromises my blockchain keys, it's about as bad as if someone compromises my website (in terms of the actual attack vectors).

1 more reply

j / k navigate · click thread line to collapse

0 pointsmaccard3y ago0 comments

> Like I said to someone else, the real answer is to not sign documents that are wrong.

If "don't make mistakes" was a viable solution, we just wouldn't have a whole family of problems.

> you probably should include a timestamp, an expiration for the key, a hash of the previous message so people can tell what is supposed to supercede what, etc.

0 comments

pclmulqdq3y ago

I will add that "don't make stupid mistakes" is a key tenet of cryptography in general - and blockchains in specific.

kuramitropolis3y ago

>Publish those documents wherever you want

And where would one publish such documents, so that they would not be under the control of any single party?

pclmulqdq3y ago

I publish them somewhere I have control, like my website, and ask archiving services to archive that page. I don't need them to be under nobody's control.

If someone compromises my blockchain keys, it's about as bad as if someone compromises my website (in terms of the actual attack vectors).

1 more reply

j / k navigate · click thread line to collapse