Differences from dename and CONIKS?

[pfrazee]

Hey folks! Interested in your work. Could summarize some of the changes being considered, compared to dename and CONIKS? (I'd also like to hear what quorum algorithms you're considering, now.)

Thanks!

[andres-erbsen]

I think of coname as being quite like dename, except that the semi-decentralized consensus (that would ideally be implemented using something like Stellar Consensus Protocol) is replaced with letting the service provider associated with namespace dictate the order in which changes are applied to it. After an entry is recorded in the system, both systems require a signature from an authorized key to change it, and both systems allow third-party verifiers to vet and certify that key changes are handled correctly. The difference between coname and CONIKS is larger; CONIKS only lets third-party auditors vet that everybody sees a consistent view, each user is responsible for vetting changes to their own key and raising alarm in case an unauthorized change is detected. Nevertheless, coname includes the VRF-based system from CONIKS for hiding the usernames of registered users from third-party verifiers.

I have written about my opinions on these design choices at http://andres.systems/blog/2015-07-22-another-take-at-public-key-distribution/