HIP-xxxx: Stateless DANE clients

[buffrr]

This is the closest model I can imagine to mainstream browser support for Handshake & DANE. The proposed client should be fairly easy to implement especially on Chromium-based browsers since certificate validation is completely offline as long as the client has a known recent name tree root. The certificate verifier in Chromium can be modified to just read the certificate and find a validation path to the tree root without doing any network lookups.

This is almost what Beacon browser does but this HIP will make things much simpler and faster. Beacon browser will likely switch to this once a proof of concept implementation exists that actually proves this works well. Here's some advantages of the proposed client:

• Private: DNS queries can be fully encrypted and routed over VPNs, Tor ... etc no need to rely on port 53. It also do not leak proof requests to full nodes.
• Incredibly fast: can verify DANE for Handshake sites trustlessly as fast as traditional CAs with zero additional network lookups.
• Scalable: Stays off full nodes. Proofs are the web server's responsibility.
• Super reliable & lightweight: does not need to rely on several network lookups to fetch DNSSEC chain, TLSA, and proof requests just to verify a single certificate which makes connections less flaky.
• Stateless: Only needs to store minimal state this can be improved with STARK based proofs. It does not even need to maintain a stateful connection to full nodes!

To sync less often though the proposed client suggests only syncing once a day. For a root zone once a day is more than enough and keeps load off full nodes. This will be up to the implementer to decide how often to sync & update the tree roots. The standard permits clients to stay off the handshake network for a up to a week and continue to verify with the latest cached tree root.