I'm increasingly of the view that global namespaces add unnecessary new attack vectors for phishing, impersonation, and spam

They're likely not necessary for cryptpgraphic keys, which are already globally unique

I'm increasingly of the view that global namespaces add unnecessary new attack vectors for phishing, impersonation, and spam

They're likely not necessary for cryptpgraphic keys, which are already globally unique

https://twitter.com/vinayvasanji/status/1686842370925395968?t=4Y6HbpT1kbbVqyUePWJvvA&s=19

editor https://lowercase.cards/ moderator /lowercase

You do need a common network but it can be distinct from the medium of messaging. Maybe a topic for our next call?

In the digital realm, can you have local/pet names without everyone using the same medium of messaging?

Work in Web3 focus on human rights especially anti-slavery projects and programmes with common goods at the heart fascinated by evolution - cave markings to X

The argument is improved UX - i.e. vinayvasanji.eth is easier to type than the 0x address

But this ignores downstream issues like homoglyphic attacks (using similar looking but different characters), squatting etc

It also doesn't account for the fact that names can be swiped on expiry, and resolvers incorrectly setup

Agree what is the benefit of a global name Space (genuine question) and then the cost against the risk

interesting article and I like the thinking but couldn’t really grok what a realistic alternative would look like

imho, the best blueteam tool is tamper evidence & expecting social engineering to break whatever apparatus there is. for "official" communication, everyone becomes a subdomain (e.g. SMTP).
would love to see person.outgoingmsgdomain.eth & complement, the tampered domain (& compiler/keys) become easier to spot.