A web of trust in a dark forest

Extend ENS Protocol to support x.509 CAA authentication and verification

׺°”˜”°º×509 ENS׺°”˜”°º× Proposal

TLDR: Parsing and verification of X.509 certificate chains on-chain to enable any ETH account to prove ownership of a verified certificate.

This enables use cases and functionality such as:

  1. associating a domain with an Ethereum address
  2. dynamic discovery and delegation via DNS for Identities
  3. verifying HTTP responses on-chain using Signed HTTP Exchanges (SXG) / web packages
  4. Disintermediated Certificate Authority Registry

ENS can choose from existing certificate authority vendors for adding support for their certificates using the certificate authorities trusted root certificate. This can represent an additional source of revenue by providing a value-addon buy option at the time of .eth purchase, potentially.