Fingertip - an Easy Way To Use SSL (DANE) on Handshake

When I think of https and SSL and DANE - I think of Matt Zipkin - and I am sure he will be happy with this new product release at Impervious (where he’s the lead developer). Buffrr was the developer who built Fingertip and we are excited to share more about it - yes, pretty cool name:

Fingertip.

What is it?

It's an easy to use application on your computer that you can turn on / off with the click of the button to be able to resolve Handshake domains with HNSD (a lightweight HSD blockchain client).

PLUS

Supports DANE and allows you to have https:// in the Handshake name.

I have to say, I do agree w/ Matt - if we are doing all this work to build a new domain name system, we need to make sure it is secure.

As far as I know - this is the first time I have seen an application that makes it this easy to resolve SSLs on handshake domains I.E makes it easy to browse securely to websites hosted on Handshake domains.

So enjoy this demo where I set it up and then resolve a Handshake domain with SSL.

THE HANDSHAKE vision is 2 Part: DNS (ICANN) + CA (certificate authorities)

This is also the whole vision of the system right here: decentralized naming system *and certificate authority* Many in the ecosystem ONLY talk about ICANN and DNS - but what I am learning more and more - the bigger issue is the “CA racket” the certificate authority and simply trusting a random company because my laptop manufacturer pre-installed these CA certificates on my computer.

Official Announcement from Buffrr on Telegram Friday July 30, 2021

Hey, we are releasing Fingertip today!
An easier way to access Handshake with a decentralized resolver and TLS support check it out

https://impervious.com/fingertip.html
https://github.com/imperviousinc/fingertip

From Zipkin on How to get it to work on firefox
https://gist.github.com/pinheadmz/264e360742e8b35798bf88005e77f2f8

Question:
would it work w/ a vpn on? - other hns resolvers conflict w/ the vpn

Answer:
yeah it uses hnsd which needs access to dns servers over port 53. So if you're using something like mullvad it's unlikely to work

Question:
How about Using it on Chrome Browser

Answer:
Setting it up for chrome is a bit different 🙂 Unlike Firefox, chrome uses the OS proxy settings and the system keychain on macos. currently there are no guides for using it with chrome so the easiest way is using firefox

For Macos (chrome+all browsers except firefox because it's system-wide)

Add certificate:
https://support.securly.com/hc/en-us/articles/206058318-How-to-install-the-Securly-SSL-certificate-on-Mac-OSX-

Add proxy:
https://library.uap.asia/faq?id=5