Imagine a world un which you generate a pair of keys at home, get some sats, and can pay a TX fee so that you reserve a doman name for yourself for the next 7 years. In such a domain, the ownership of your keys allows you to be your DNS authoritative source AND TLS CA. No intermediaries, no registrars, no other certification authority other than yourself.

This smells as dispair on their side

Thx, I didn't know that one. Still it is yet another "buy my token scheme". We do not need that. You can do it on Bitcoin directly. Send regular a tx with one extra output with a less than 80bytes op_return. That contains the hash Id of a registration. Registrationss are kept track on a side chain. Each registration holds one or more claims. Each claim assigns a too level domain.tld to one or more holder key ids (public key hashes) and an optional signature, requited to prove ownership for claims that change already owned domains. Once the bitcoin block holding the tx that confirms the registration is confirmed, so is that entry on the mempool of the registration protocol. This provides source of truth for both domains and TLS certificates, which must both be signed by one of the domain owner keys to be valid.

@jack know anyone already working on permissionless DNS?