Slashdot videos: Now with more Slashdot!
Intelligence as a requirement for voting has been fought for a long time see voting tests.
There is a certain amount of irony with you saying this, followed by your
Knowledge = Power
Money = Work/Knowledge so the less you know the more you make
This "joke" is clearly aimed at people who think they understand math/physics/science, so it won't be funny to most people. But, it also shows a complete lack of understanding about how equations should be interpreted. What the formula "money = work/knowledge" says to increase the amount of worked done, you need either more money or more knowledge. In other words, "the only substitute for knowledge is money", or "a fool and his money are soon parted". You are a case of "a little knowledge is a dangerous thing". By your own statments, you shouldn't vote.
Trust is the same for DNSSEc, it's just that instead of using the root servers as a trust chain, you use a 3rd party that every domain owners had to pay for.
DNSCurve does not require you to pay any third parties, it is like DNSSEC where you publish your own information. Both technologies are (or in the case of DNSCurve, will be) free.
DNSCurve is much easier to implement than DNSSEC and and also advantages in term of cryptography speed and increase of traffic.
DNSSEC has many years of actual deployment, not as wide spread as it needs to be, but it has been out there and tested.
Can you point me to a single implementation of DNSCurve? Can you even point me to a specification of what exactly it is? I've looked, and the best that I can tell, there aren't any. More over, it doesn't appear that DJB's website has been updated since he proposed DNSCurve last year.
To the contrary, DNSSEC could possibly kill the goldmine that is the SSL cert racket. That is, unless having your DNS entry signed somehow becomes a "value added" service you need to pay for extra. I'm a layman here, but glancing at how DNSSEC works, I see no obvious way selectively signing some but not the rest of entries could work. This means, DNSSEC would provide a more secure way to give the public key to a viewer.
You may be a layman, but you appear to have far more clue about this stuff than most. Yes, once DNSSEC is deployed, anyone with a domain name can publish CERT records and have about the same security as a paid-for CERT. Granted the cert authorities right now require you to give your name and address and such, which publishing CERT records in the DNS won't require so they aren't exactly the same, but close enough considering how little checking the cert authorities do on such information