[webkit-dev] Interest in supporting cryptographically-generated domain names?

Demi Marie Obenour demiobenour at gmail.com
Sun May 4 14:52:22 PDT 2025


A major limitation of the Web PKI is that it cannot issue certificates
for devices that do not own a public domain name or IP address.  To
solve this problem, I have created a proposal for incorporating a public
key in the domain name itself, allowing a server to be authenticated
without involving a third party.  The proposal can be found at
<https://demimarie.github.io/cryptographically-generated-domains.html>.

Is an implementation of this something that Chromium would be interested
in?  I do plan to propose this to the IETF, but first I want to check if
there is interest from browser vendors.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)



More information about the webkit-dev mailing list