Hi @rbirkner, presumably this domain name is stored in the registry against this node. Can I ask how/when/where it was set (I can’t find a proposal that configured this domain name)?
Yes, the domain name is part of the node record (here is the protobuf definition). The domain name is set either at node registration or can be set by the node operator using dfx (here are the instructions).
Thanks again, @rbirkner. What I’m now confused about is why simple browser extensions couldn’t be used to protect end users from potentially malicious frontends which are not faithfully as defined on-chain.
Would you be able to explain further what the limitation is? Couldn’t an extension check the header and validate the certificate, and if the validation fails prevent the page from loading (ensuring no malicious API calls are made on behalf of the user)?
Without this, I’m not sure it’s accurate to make claims like this →
There are comments in this video which explain there’s no need for special clients or extensions to interact with the blockchain, but surely that’s only true if you’re okay interacting with the blockchain without security guarantees. @samuelburri, can I ask what your thoughts are on this topic?
It seems like a criticism that’s going to keep rearing it’s head until it’s addressed. There’s a ‘“fully On-chain” Fallacy’ section in this post on TAGGR, which seems to have influenced @mrx in backing off actively developing TAGGR.