• Terrasque@infosec.pub
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    There’s basically 3 ways to verify a certificate.

    1. TOFU - trust on first use - save the certificate print first access and remember it so you know if it gets changed
    2. WoT - web of trust - other certificate holders verify the certificate and hopefully you find a chain to someone you trust.
    3. Central authority - the most popular. A central entity verifies and goes good for the identity.

    In all three you need to trust someone, and ask three are a pain to transfer something to new owner.

    NFT gives a fundamentally new option here, that’s transferable and doesn’t require trust. That it’s been used for and gotten known for monkey scams is a shame.

    • magic_lobster_party@kbin.social
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      1 year ago

      And how do you verify that the NFT can be trusted? With any of the 3 methods you mentioned!

      Blockchain doesn’t circumvent this need of trust.

      The thing blockchain eliminates is the need of a timestamp authority when doing transactions. Satoshi even called his invention “distributed timestamp server” before people started to call it blockchain. You don’t need timestamps when verifying the authenticity of an NFT.

    • Natanael@slrpnk.net
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Not really, signatures on blockchains is just another TOFU or WoT variant, because how do you know the original token is the legit thing you wanted in the first place? It’s only after you have identified it that the existence of the blockchain becomes relevant in that it can track ownership without central authority.