http://www.recalescencecoins.bit
I've known about Namecoin for ages, and until recently I thought it was a dead project!
Namecoin is the only other crypto in my opinion that could have as much impact as Bitcoin.
Now time to make a Physical Namecoin...
Can someone explain to me how to get my SSL cert to work with the .bit domain?
SSL?
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: SSL?
Sure. Take a look at the .bit spec: https://dot-bit.bit/Namespace:Domain_names_v2.0Hexadecibel wrote:http://www.recalescencecoins.bit
I've known about Namecoin for ages, and until recently I thought it was a dead project!
Namecoin is the only other crypto in my opinion that could have as much impact as Bitcoin.
Now time to make a Physical Namecoin...
Can someone explain to me how to get my SSL cert to work with the .bit domain?
You want the "fingerprint" and "tls" fields. "tls" is newer and has more features, but isn't widely supported, so you should probably either use both or just use "fingerprint". The fingerprint you use should be the fingerprint that your server returns when you visit its IP address in a browser (Firefox's Page Info dialog should tell you the fingerprint). Colons are optional. I think Namecoin-Qt can automate the "fingerprint" field if you're using it.
To browse the site securely, you'll need a Namecoin DNS software that supports TLS; right now the only option is Convergence for Namecoin. https://github.com/JeremyRand/Convergence/ (Binaries will be released soon for people who don't want to build from source code, although building is quite easy.)
Hope this helps.
-
- Posts: 3
- Joined: Fri Dec 20, 2013 10:51 pm
Re: SSL?
Cool, ok I added the fingerprint and it looks like it worked.Sure. Take a look at the .bit spec: https://dot-bit.bit/Namespace:Domain_names_v2.0
You want the "fingerprint" and "tls" fields. "tls" is newer and has more features, but isn't widely supported, so you should probably either use both or just use "fingerprint". The fingerprint you use should be the fingerprint that your server returns when you visit its IP address in a browser (Firefox's Page Info dialog should tell you the fingerprint). Colons are optional. I think Namecoin-Qt can automate the "fingerprint" field if you're using it.
To browse the site securely, you'll need a Namecoin DNS software that supports TLS; right now the only option is Convergence for Namecoin. https://github.com/JeremyRand/Convergence/ (Binaries will be released soon for people who don't want to build from source code, although building is quite easy.)
Hope this helps.
So what you are saying though the site is still not secure to browse, even though its https now? You say TLS is newer; is this an update of SSL? *heh ok just read about it :p. I'm ruminating on a project I want to use nmc with so I'll google all this for sure, but it would be helpful for a first person account.
Thanks
Last edited by Hexadecibel on Sat Dec 21, 2013 4:23 am, edited 1 time in total.
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: SSL?
It is secure even with just the "fingerprint" field. The "tls" field added support for different certs on different ports, and different hash algorithms from SHA-1, but these aren't particulartly important for standard usage (although I'm hoping to implement the "tls" field in the future). When people say SSL they're usually referring to TLS; actual SSL hasn't been in widespread use for years, but the name stuck for some reason. If you're not using Convergence for Namecoin or something similar, then your browser won't be able to verify that the certificate is legitimate (so you'll get a TLS warning in Firefox), similar to self-signed certs on non-.bit domains. With Convergence for Namecoin, your browser will verify that the cert has the correct fingerprint and you're more secure than CA-based TLS on non-.bit domains.Hexadecibel wrote:Cool, ok I added the fingerprint and it looks like it worked.Sure. Take a look at the .bit spec: https://dot-bit.bit/Namespace:Domain_names_v2.0
You want the "fingerprint" and "tls" fields. "tls" is newer and has more features, but isn't widely supported, so you should probably either use both or just use "fingerprint". The fingerprint you use should be the fingerprint that your server returns when you visit its IP address in a browser (Firefox's Page Info dialog should tell you the fingerprint). Colons are optional. I think Namecoin-Qt can automate the "fingerprint" field if you're using it.
To browse the site securely, you'll need a Namecoin DNS software that supports TLS; right now the only option is Convergence for Namecoin. https://github.com/JeremyRand/Convergence/ (Binaries will be released soon for people who don't want to build from source code, although building is quite easy.)
Hope this helps.
So what you are saying though the site is still not secure to browse, even though its https now? You say TLS is newer; is this an update of SSL? I'm ruminating on a project I want to use nmc with so I'll google all this for sure, but it would be helpful for a first person account.
Thanks
-
- Posts: 3
- Joined: Fri Dec 20, 2013 10:51 pm
Re: SSL?
Awesome.biolizard89 wrote:It is secure even with just the "fingerprint" field. The "tls" field added support for different certs on different ports, and different hash algorithms from SHA-1, but these aren't particulartly important for standard usage (although I'm hoping to implement the "tls" field in the future). When people say SSL they're usually referring to TLS; actual SSL hasn't been in widespread use for years, but the name stuck for some reason. If you're not using Convergence for Namecoin or something similar, then your browser won't be able to verify that the certificate is legitimate (so you'll get a TLS warning in Firefox), similar to self-signed certs on non-.bit domains. With Convergence for Namecoin, your browser will verify that the cert has the correct fingerprint and you're more secure than CA-based TLS on non-.bit domains.Hexadecibel wrote:Cool, ok I added the fingerprint and it looks like it worked.Sure. Take a look at the .bit spec: https://dot-bit.bit/Namespace:Domain_names_v2.0
You want the "fingerprint" and "tls" fields. "tls" is newer and has more features, but isn't widely supported, so you should probably either use both or just use "fingerprint". The fingerprint you use should be the fingerprint that your server returns when you visit its IP address in a browser (Firefox's Page Info dialog should tell you the fingerprint). Colons are optional. I think Namecoin-Qt can automate the "fingerprint" field if you're using it.
To browse the site securely, you'll need a Namecoin DNS software that supports TLS; right now the only option is Convergence for Namecoin. https://github.com/JeremyRand/Convergence/ (Binaries will be released soon for people who don't want to build from source code, although building is quite easy.)
Hope this helps.
So what you are saying though the site is still not secure to browse, even though its https now? You say TLS is newer; is this an update of SSL? I'm ruminating on a project I want to use nmc with so I'll google all this for sure, but it would be helpful for a first person account.
Thanks
Thanks for your help. Are you a developer for this project? Do you guys have a development mailing list? As a non technical person, whats the best way I can help support this project at the moment?
-
- Posts: 2001
- Joined: Tue Jun 05, 2012 6:25 am
- os: linux
Re: SSL?
At the moment the forum is basically our dev mailing list. I'm the developer of Convergence for Namecoin (I created the first and so far only implementation of the "fingerprint" field).Hexadecibel wrote:Awesome.
Thanks for your help. Are you a developer for this project? Do you guys have a development mailing list? As a non technical person, whats the best way I can help support this project at the moment?
I think the best ways to support the project are (1) spread the word, and (2) give feedback on documentation (and maybe help write documentation/PR materials). You can also donate to the Namecoin Marketing and Development Fund which supports developers with bounties: http://dot-bit.org/forum/viewtopic.php? ... 3755501712 . There's also a donation address on my GitHub page for Convergence for Namecoin if you'd like to support my project directly: https://github.com/JeremyRand/Convergence/ .