If computer A wants to connect securely to computer B, and it doesn't want its connection to be MITM'd, computer A trusts a 3rd party (computer C) to tell it that computer B is really computer B and not a fake. If you take over the DNS system (which is your version of computer C in my example) you get to write anything to computer A and it will believe it.

The whole idea behind a MITM is that an attacker controls communication between A and B, and ideally also controls communication between A and C. Just controlling the network isn't enough to subvert the connection, though, because an attacker would need to control one of A, B, or C.

If you are the NSA, and you write up a very nice National Security Letter and go to computer C and say "make a fake DNS record for me, because terrorism," you now get to write blank checks for yourself and computers A and B have effectively no idea that their connection is now subject to MITM.

Specifically to exploit your system all you'd need to do is create a fake A record pointing to computer D, and a fake public key record which matches the PGP key and SSL cert of computer D. If you weren't using DNSSEC you could do this on a regular open wireless network with no extra hacking needed. If you are using DNSSEC (and a mandatory validating stub resolver, which Windows doesn't ship with) you'd need to take over the root DNS servers or the registrar which feeds records to the .com. root DNS servers. But the NSA can do all that. Probably others too.

So, again, it's the exact same state we're in with the CAs, with the exception that DNS would be less secure because the client (computer A) doesn't have any public keys/ca certs stored on it to verify the DNS servers or domains against.

The system I've laid out would be significantly more secure and less spoof-able than the current system. Further, DNSSEC becomes entirely unnecessary...

Also, it is entirely possible to create a registrar which would store all user record data in an encrypted store which could also be encrypted using a domain owner provided public key... if this were added to the architecture, no government entity could modify anything regarding a domain - except replacement of the entire record.

Of course, since the entire system current and any possible future Internet relies upon computers and networks that are explicitly not under the control of the content provider - any government can at any time break the system... This is always going to be true of any and every system of wide networks.

EDIT: Computer A and B need a third entity C to validate A to B and B to A. True... However, this does not need to be a computer -- it could very well be a cryptographically generated unique ID... In my example "C" is the PGP ID. However, it could be any cryptographic item that is tied to the domain record and only modifiable using the private key that generated the unique cryptographic item... for example, it could be a bit coin address.

This is the entire reason we are trying to get away from CAs! What we have works perfectly fine. The only reason anyone wants to get away from it is to prevent state actors from overriding a CA's authority. If you want to just reinvent the wheel with the DNS system, use RFC 6698.

However, my personal reasons to discard the current CA system is to enable secure communications from multiple subdomains without the need to pay a $500 rental fee for a wildcard identity+cert --- As well as enable secure passwordless access to A/MX records without fear of compromise.

The government is going to be able to break any system that's put out there. At the very least, a government can disrupt IP traffic in and out of a node. There is always going to be an open addressing scheme, unless the network is an encrypted peer-to-peer network with every node attempting to decrypt every packet... I seem to remember reading about a block chain peer-to-peer data network being developed. However, my guess is that overhead bandwidth limitations will be a problem for large networks.