Handshake: Decentralizing Domains and Certificate Authority

Decentralizing Domains

Handshake: Decentralizing Domains and Certificate Authority

Decentralization and Handshake

A decentralized system shifts central authority from a single entity to a more distributed, complex, and multifaceted concept. This is precisely what the decentralized domain concept proposes. These decentralized domains, also known as blockchain domains, Web 3.0 domains, crypto domains, NFT domains, or whatever other name you choose to call them, aim to build a domain system that is not regulated by certificate authorities but instead distributes power to users.

The conventional domain system all rests on ICANN, the central authority that manages the issuance and functioning of domain names. Over the years, there have been ideas of establishing a decentralized domain system because this system delegates too much power to a single entity. The concept of replacing Certificate Authorities (CAs) with a decentralized blockchain solution has been around since the early days of bitcoin. Although, replacing such a vital internet structure as ICANN may seem like a significant issue. However, it is definitely worth it because a decentralized domain is a significant leap towards creating a system that is safer, free from censorship, and resistant to any form of cyber attack. 

There are quite a number of decentralized domain protocols under active development at the moment. The most promising of the current efforts is Handshake. Other impressive projects in recent years have been Unstoppable and Ethereum domains. All these different blockchain-based projects operate in a bid to establish a more decentralized domain system, however, with different approaches. So far, Handshake has been the closest to actually replacing a certificate authority like ICANN. 

What is the problem with certificate authorities?

What if you were informed you required permission to access the Internet? You’d probably disagree. After all, Instagram, Facebook, and other Internet services are free and available to the public. However, in reality, these tech behemoths have total control over how you and I use these services. They also have access to user data and can do anything they want with it.

Another fundamental problem with the current approach is that we have to trust the Certificate Authority (CA) that issued the (Transport Layer Security) TLS or Secure Sockets Layer (SSL) certificate that informs our browser that a website is reliable. These CA companies are highly vulnerable, as demonstrated by the 2011 attack on a Dutch CA, DigiNotar. Fake certificates were produced after an attacker obtained access that allowed him to impersonate websites like Google, Yahoo, Mozilla, and other victim browsers. 

This is one of several cases demonstrating that the current conventional domain managed by a certificate authority is insecure and highly susceptible to attacks. If and when successfully attacked, there will be many casualties because it has a central point of control and, by extension, a central point of failure. This major vulnerability to cybersecurity ought to make us re-examine some of the critical infrastructures on which the Internet relies every day and figure out how to fix these vulnerabilities or outrightly replace the system.

Handshake Domains

Handshake is a peer-to-peer system with no central authority structure. It is a decentralized naming protocol based on blockchain technology that allows everyone to use a distributed and decentralized system. Handshake intends to take over ICANN’s role of granting top-level domains (TLDs) and managing root zone files but in a more decentralized manner. This means that anyone will be able to register new top-level domains (TLDs) using Handshake without having to pay ICANN’s expensive application fee. This will contribute to the expansion of the limited cosmos of .com, .org, .io, and other related domains. For instance, you could just buy the TLD “name” on its own. You can even charge money from other people who want a second-level domain under your TLD, like “Tom. name,” for example. Overall, a worldwide list of top-level domain names will be maintained on the Handshake public blockchain.

Why Handshake?

Simply put, Handshake is the only decentralized naming protocol that has sufficient structure to carry out ICANN’s entire role at the moment. Hence, it proposes a true and complete decentralization. However, other decentralized naming protocols (Ethereum and unstoppable domains) only operate on second-level domains. Unlike Handshake, which serves as a general domain naming system, they primarily function as a way of replacing long alphanumeric crypto addresses with simple URLs.

Moreover, many argue that since Handshake opens up the acquisition of TLDs, many will take advantage of this to register scam TLDs under the guise of well-known domain names. However, the domain names of the top 100,000 websites on the Internet are being reserved for their actual owners to claim on Handshake. As a result, prominent websites will just have to join their current domains to the Handshake network. If any of the major websites do not claim their domain names, searching their domain names on the Handshake network will, at best, go to blank pages, not those of scammers.

Also, integrating the handshake network on traditional browsers like Chrome, Firefox, and so on can be easily done using a domain resolver such as NextDNS, VPNs, and so on. Therefore users don’t have to worry about not being able to access Handshake domains on traditional browsers. The fact that it operates more easily inside the existing domain framework makes it easier to ease into this new network. 

Handshake’s goal is to create a highly secure, decentralized, and very usable system. Previous attempts at resolving names on a blockchain have struggled to balance security, usability, and centralization. Handshake has, however, done an excellent job of balancing these goals by developing several “security modes” fit for diverse applications. Overall, we may argue that the present domain system is doing fine and doesn’t need fixing; however, it is more faulty than we can imagine. The number of vulnerabilities associated with this traditional web system needs to be fixed, and Handshake is on the quest to do that. 


Many of the Internet’s intrinsic flaws have been exposed over time. With Handshake, there is hope that the Internet will grow into a more decentralized fashion that gives users more control.

Handshake: Decentralizing Domains and Certificate Authority Handshake: Decentralizing Domains and Certificate Authority Handshake: Decentralizing Domains and Certificate Authority Web 3.0 Features of Web 3.0


Leave a Comment

Your email address will not be published. Required fields are marked *