What problem are we solving, exactly? No eavesdropping is simple enough. No MITM is not preventable without information known to come from the intended source.

Presently we have "all knowers" called certificate authorities. We trust them as a collective, not individually. Their security depending on their collective is a fatal mistake. The idea of an all-knower is very, very convenient for the design of these systems. Yet, is it required? Surely there must be a distributed, not decentralized* approach that works to spread information with certainty.

The problem then lies with the link between the security record (signature, proof of private key) and the name record (DNS). Simply signing the DNS records would be enough; then the DNS records must be provided properly. This is moving the problem. Yet, it is moving the problem to the DNS provider, which also suffers from the centralization weakness that persists in such decentralized arrangements.

Having a DHT in which several known friends are anchored might allow that DHT to "vote" on the subject. Every node will accumulate the votes from its trusted neighbors and vote on what the majority agrees on. Heuristic, but typically functional. And we swat two flies with one blow: SDNS (Secure Distributed Name Server), a mapping from name to signed machine location data. In this future the overhead for security is as big as the signature for the SDNS record, and the encryption and decryption on the data itself.

--Lewis

* The current approach defies the boundary between centralized and decentralized. I believe that, in practice, we could better describe it as centralized.
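The neighbor-voting heuristic described in the post, as an added illustration that is not part of Lewis's post or of any existing SDNS implementation. It assumes a constructed record shape (name, claimed location, signing-key fingerprint, and a signature-verification result supplied by the caller) and shows the two failure modes a resolver must treat as "unresolved": too few trusted neighbors answering, and neighbors that split their votes.

```python
from collections import Counter
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# Constructed data model for the SDNS idea: a name mapped to signed location data,
# as returned to us by one trusted neighbor in the DHT. (Hypothetical shape.)
@dataclass(frozen=True)
class Vote:
    neighbor: str      # which trusted neighbor returned this record
    name: str          # the name that was looked up
    location: str      # machine location the record claims for the name
    key_id: str        # fingerprint of the key that signed the record
    sig_valid: bool    # whether the record's signature verified under key_id


def resolve_by_majority(name: str, votes: Iterable[Vote],
                        quorum: int = 3) -> Optional[Tuple[str, str]]:
    """Return the (key_id, location) backed by a strict majority of distinct
    trusted neighbors, or None when evidence is too thin or neighbors disagree."""
    seen = set()
    tally: Counter = Counter()
    for v in votes:
        # Drop answers for another name, records whose signature did not verify,
        # and repeat answers from the same neighbor (one neighbor, one vote).
        if v.name != name or not v.sig_valid or v.neighbor in seen:
            continue
        seen.add(v.neighbor)
        tally[(v.key_id, v.location)] += 1
    total = sum(tally.values())
    if total < max(quorum, 1):
        return None  # not enough independent evidence to decide
    (candidate, count), = tally.most_common(1)
    if count * 2 <= total:
        return None  # no strict majority: treat a split as unresolved, not as a tie-break
    return candidate


def example_votes() -> List[Vote]:
    """Constructed sample: three neighbors agree, one dissents, one has a bad
    signature, and one neighbor answers twice."""
    n = "example.test"
    return [
        Vote("n1", n, "10.0.0.1", "keyA", True),
        Vote("n2", n, "10.0.0.1", "keyA", True),
        Vote("n3", n, "10.0.0.1", "keyA", True),
        Vote("n4", n, "10.0.0.2", "keyB", True),   # dissenting neighbor
        Vote("n5", n, "10.0.0.1", "keyA", False),  # signature failed: ignored
        Vote("n1", n, "10.0.0.1", "keyA", True),   # duplicate: counted once
    ]


if __name__ == "__main__":
    print(resolve_by_majority("example.test", example_votes()))  # ('keyA', '10.0.0.1')
```

The vote only decides which signed record the neighborhood agrees on; it does not replace verifying the signature on the record itself, which the caller still performs before setting `sig_valid`.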