Any way to run HNS (Handshake Naming System) on Merlin?

[scodan]

According to this blog post from PIA: https://www.privateinternetaccess.c...t-names-with-the-handshake-naming-system-hns/
HNS (Handshake Naming System) can now be used in their latest releases of their VPN software to resolve internet names. Please go easy on me here, this is my first post here. I was wondering if there was any way to implement this in my RT-AC86U running Merlin Firmware Version: 384.14 I'm a total newb but trying to learn as I go along. I believe this HNS will greatly improve web browsing. Any info is most definitely appreciated. I asked on PIA's reddit page and they suggested that I ask on here. Thank you for your hard work on Merlin firmware. It is greatly appreciated. Again, please forgive me if I made some newb mistakes.

 

[Kingp1n]

According to this blog post from PIA: https://www.privateinternetaccess.c...t-names-with-the-handshake-naming-system-hns/
HNS (Handshake Naming System) can now be used in their latest releases of their VPN software to resolve internet names. Please go easy on me here, this is my first post here. I was wondering if there was any way to implement this in my RT-AC86U running Merlin Firmware Version: 384.14 I'm a total newb but trying to learn as I go along. I believe this HNS will greatly improve web browsing. Any info is most definitely appreciated. I asked on PIA's reddit page and they suggested that I ask on here. Thank you for your hard work on Merlin firmware. It is greatly appreciated. Again, please forgive me if I made some newb mistakes.

That's a great question...I currently use PIA VPN and hope some more knowledgeable folks in this matter are able to assist.

 

[ColinTaylor]

I believe this HNS will greatly improve web browsing.

Why do you think this (serious question)? As far as I can tell there's almost zero support or use of this at the moment.

 

[scodan]

Why do you think this (serious question)? As far as I can tell there's almost zero support or use of this at the moment.

As it says in the article: "The real benefit lies in censorship resistance. While DNS is already fairly decentralized, the centralization exists because of ICANN’s gatekeeper control of issuing top level domains (TLDs) and maintenance of the DNS root zone file which is used by all DNS root servers."

And this may not even be the one to take hold but you can bet something like this will eventually.

 

[ColinTaylor]

Yes I read the information you quoted.

And this may not even be the one to take hold but you can bet something like this will eventually.

That was really my point. This idea seems to have been kicking around for a number of years now but there appears to be almost zero use of it. The site linked to in that article appears to show only 491 names registered in it. That was why I queried your statement that it "will greatly improve web browsing". Maybe in the future, but that seems a long way away at the moment.

 

[scodan]

Well thank you for your help.

 

[RMerlin]

As it says in the article: "The real benefit lies in censorship resistance. While DNS is already fairly decentralized, the centralization exists because of ICANN’s gatekeeper control of issuing top level domains (TLDs) and maintenance of the DNS root zone file which is used by all DNS root servers."

And this may not even be the one to take hold but you can bet something like this will eventually.

DNS works in a hierarchical way. The root servers only contain info about the TLDs. The authoritative nameservers for a domain are controlled by the TLD's registry, not by ICANN. And the content of the zone is controlled by your authoritative nameserver.

People should look at established standards like DNS over TLS and DNSSEC rather than these oddball technologies if their goal is to make the Internet a more secure place IMHO.

This is nothing more than yet another "side network" like Tor .onion addresses. It will provide zero enhancement to the sites you regularly visit.

And considering a Linux client requires all the bloat and overhead of node.js, and they ask you to define a cache location that can reach "multiple megabytes" in size, don't expect this to ever appear on a router.

 

[scodan]

Thank you for the reply but I refer you to their article. https://www.privateinternetaccess.c...t-names-with-the-handshake-naming-system-hns/

 

[RMerlin]

Thank you for the reply but I refer you to their article. https://www.privateinternetaccess.c...t-names-with-the-handshake-naming-system-hns/

I've already seen it, and it doesn't contradict anything that I've written.

 

[scodan]

Thank you for your time. And thank you for the advice. Particularly this:

People should look at established standards like DNS over TLS and DNSSEC rather than these oddball technologies if their goal is to make the Internet a more secure place IMHO.

This is nothing more than yet another "side network" like Tor .onion addresses. It will provide zero enhancement to the sites you regularly visit.

 

[sfx2000]

People should look at established standards like DNS over TLS and DNSSEC rather than these oddball technologies if their goal is to make the Internet a more secure place IMHO.

This is nothing more than yet another "side network" like Tor .onion addresses. It will provide zero enhancement to the sites you regularly visit.

And considering a Linux client requires all the bloat and overhead of node.js, and they ask you to define a cache location that can reach "multiple megabytes" in size, don't expect this to ever appear on a router.

Agree...

For those who would like to explore HNS, best to keep this on the PC, where preliminary support is available as browser plugins and/or other helper apps (like PIA's desktop client)

https://handshake.org/

https://medium.com/tokendaily/handshake-ens-and-decentralized-naming-services-explained-2e69a1ca1313