Talk:Zooko's triangle

Latest comment: 3 years ago by Sékiltoyai in topic DNSSec

Importance

edit

Secondary sourcing here is pretty thin and mostly at the blog level. While there are a few academics who peddled their solution for this alleged problem (see petname), it's rather easy to be unsurprised that in the real world the ability to name "paypal.com" as "MyBank" (and have it automatically recognized as such) doesn't make a huge difference. Browser bookmarks already do that one way, and in some browsers (Firefox for example) bookmarked URLs are automatically recognized and marked with a yellow star, which is less than having a separate name pop up for each URL, but still good enough to most people because the probability that you'd have already bookmarked a phishing site trying to impersonate a legit one is practically zero. In other words, there isn't really a problem that memorable names are (or have to be) global. Never mind that such naming globalization assists, you know, communication between people... Someone not using his real name (talk) 14:16, 23 December 2013 (UTC)Reply

Zooko's triangle was the major impedance to decentralized websites for decades. No one liked the cenorship of the web, but no one could do anything about it for this exact reason. Google scholar turns up ~140 scholarly articles which mention this topic. Indolering (talk) 01:49, 26 April 2020 (UTC)Reply

misunderstanding

edit

ZT seems to be fatally misunderstood. It assumes that the 'system' under test is a simple system, such as a hash / public key. This can be seen in the text of the original article which claims /inter alia/ A name-value pair is "self-authenticating" if, given the name-value pair, you can verify on your own that the mapping from that name to that value is correct.

Then, as a consequence of this, ZT suggests that no simple system can provide all three properties. It is not claimed that a complex composite system can not provide all three in some approximation or other. In contrast, it is suggested that the designer's job is to compose a system that meets the needs, with various compromises; something known as "squaring ZT".

Given that, the "Solutions" section is probably hopeful at best, or nonsense at worst. Szabo's apparent solution while interesting is a composite, and it specifically breaches the restriction "on your own" because it is of multi-party complexity. Same with namecoin, which only works because a thousand parties consent to run a blockchain without futzing. Its journalistic evidence above confounds the credibility of wikipedia... — Preceding unsigned comment added by iang of iang & org ... 212.169.1.61 (talk) 04:49, 1 June 2014 (UTC)Reply

All computer security projects requires some level of trust that the underlying system is correct. Being able to be able to verify cryptographic signatures requires trusting the algorithms, the hardware the program is run on, the operating system that is running the program, etc. Very few discussions about security models assume an isolated individual performing crypto manually using pen and paper alone.
What the Zooko Triangle thesis meant was that if you have some human meaningful naming system (such as example.com) with associated cryptographic identities while also having decentralized ownership because domain squatters can just sit on all available domains. You need a decentralized monetary system to charge for those domains, which cryptocurrencies provide. There are ways an attacker could even make life hard for a Bitcoin based solution to all this, but I'm not going to get into that here as it's beyond the scope of the original thesis. Indolering (talk) 01:22, 26 April 2020 (UTC)Reply


DNSSec

edit

@Andy Dingley: I edited the article to say that DNSSec is secure and human-meaningful (it currently says secure and decentralized).

DNSSec is certainly human-meaningful - low-entropy names are provided to the users. wikipedia.org instead of AKRNCVFEWRHTVJAFBASXDMAZCRV?SNJTCAERTYES&BIRYORVSYVESOVJSZDF. This is not disputable.

DNSSec is certainly not decentralized - there is a set of root servers operated by one organization. You cannot get a name unless the root authority permits you to own it. This happens indirectly by delegating each level - the root authority allows another organization to own all of .org, then that organization allows Wikimedia to own wikipedia.org, and so on. I don't believe this counts as decentralized. Compare with Tor .onion addresses (decentralized, not human-meaningful) or

DNSSec is secure (in principle) - nobody can take over a domain. The root can inflict damage, but that is true of *any* centralized system. Compare with a hypothetical system where computers simply announce the domains they own, which would be decentralized and human-meaningful, but not secure - you could take over someone else's domain by announcing it. Or one where every user can assign their own human-readable names to unreadable high-entropy identifiers - then you can't be sure what a name will refer to on any given system.

Am I missing something?

Immibis (talk) 00:02, 25 December 2019 (UTC)Reply

Nope, that is correct. Indolering (talk) 01:11, 26 April 2020 (UTC)Reply

@Andy Dingley: I edited again as the statement that DNSSec is human-meaningless and decentralized but not secure is wrong. DNSSec *is* secure, but its security implies to trust root-servers, which are under the control of some organisations, thus it is definitely not decentralized (as a PKI system is secure but not decentralized as well). I inserted a proper justification in the article. --Sékiltoyai (talk) 10:03, 15 July 2021 (UTC)Reply

Missing Blogpost

edit

I removed the following text:

Zooko removed/deleted his blog post about Zooko's triangle which suggests that he may not think that the reasoning for the concept is particularly sound, as shown by later solutions to the trilemma.

I removal is justifiable because it has an editorial tone and because it appears that his entire blog is down - not just that page. This was a major topic of discussion in the academic literature and was not solvable until Bitcoin came along.

Indolering (talk) 01:04, 26 April 2020 (UTC)Reply