Identity authentication is crucial for internet security, the widely adopted authentication technology relies on PKI system to issue certificates for servers, thus strongly depend on CA, which may face problems including key leakage and single point failure. Based on Blockchain and DNSSEC technology, this study puts forward a new model for identity authentication which can perform two-way authentication between server and client. In the mean time, improvements are made to user certificate for the management of trustable device of users thus enhance security and flexibility. This paper briefly summaries recent research in identity authentication technology at the beginning. Then it provides a thoroughly description of the new model, including the structure, work flow, and main functionality. At last, the paper analyzes the model and provides an example case.