summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonas Schnelli <dev@jonasschnelli.ch>2016-06-09 08:57:29 +0200
committerbitcoindev <bitcoindev@gnusha.org>2016-06-09 06:57:36 +0000
commit8d29063cd7a0b22df679b65f16e38c616d26fd5d (patch)
treeb724c9da3ec8b0f399f280b47e54ab2da45f1dde
parenta00a21b772dcaaf3186ba490ac980c5f6ce0813d (diff)
downloadpi-bitcoindev-8d29063cd7a0b22df679b65f16e38c616d26fd5d.tar.gz
pi-bitcoindev-8d29063cd7a0b22df679b65f16e38c616d26fd5d.zip
Re: [bitcoin-dev] BIP 151 MITM
-rw-r--r--1c/73e7789554cf160177b90325a956a7350f37eb124
1 files changed, 124 insertions, 0 deletions
diff --git a/1c/73e7789554cf160177b90325a956a7350f37eb b/1c/73e7789554cf160177b90325a956a7350f37eb
new file mode 100644
index 000000000..35f101d83
--- /dev/null
+++ b/1c/73e7789554cf160177b90325a956a7350f37eb
@@ -0,0 +1,124 @@
+Return-Path: <dev@jonasschnelli.ch>
+Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
+ [172.17.192.35])
+ by mail.linuxfoundation.org (Postfix) with ESMTPS id 09C346C
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Thu, 9 Jun 2016 06:57:36 +0000 (UTC)
+X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
+Received: from server3 (server3.include7.ch [144.76.194.38])
+ by smtp1.linuxfoundation.org (Postfix) with ESMTP id B01F613B
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Thu, 9 Jun 2016 06:57:34 +0000 (UTC)
+Received: by server3 (Postfix, from userid 115)
+ id 4F1F62E60545; Thu, 9 Jun 2016 08:57:33 +0200 (CEST)
+X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
+ smtp1.linux-foundation.org
+X-Spam-Level:
+X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1
+ autolearn=ham version=3.3.1
+Received: from Jonass-MacBook-Pro-2.local (cable-static-140-182.teleport.ch
+ [87.102.140.182]) by server3 (Postfix) with ESMTPSA id 85F1D2D003BE
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Thu, 9 Jun 2016 08:57:32 +0200 (CEST)
+To: bitcoin-dev@lists.linuxfoundation.org
+References: <20160608234728.GQ32334@dosf1.alfie.wtf>
+ <CAAS2fgTtu8nqwgrO1u8SRuga6ozcYt7NEDR_tv+cuA3uqgtKvA@mail.gmail.com>
+ <20160609014259.GT32334@dosf1.alfie.wtf>
+From: Jonas Schnelli <dev@jonasschnelli.ch>
+Message-ID: <57591359.4050607@jonasschnelli.ch>
+Date: Thu, 9 Jun 2016 08:57:29 +0200
+User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0)
+ Gecko/20100101 Thunderbird/38.7.2
+MIME-Version: 1.0
+In-Reply-To: <20160609014259.GT32334@dosf1.alfie.wtf>
+Content-Type: multipart/signed; micalg=pgp-sha256;
+ protocol="application/pgp-signature";
+ boundary="fS1qbn8bfdss4oS3cRF3HTOIS1RNhSlsi"
+Subject: Re: [bitcoin-dev] BIP 151 MITM
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.12
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Thu, 09 Jun 2016 06:57:36 -0000
+
+This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
+--fS1qbn8bfdss4oS3cRF3HTOIS1RNhSlsi
+Content-Type: multipart/mixed; boundary="qSRNXs7ik6QbD2j3BUjHUtO9Q5efArpwa"
+From: Jonas Schnelli <dev@jonasschnelli.ch>
+To: bitcoin-dev@lists.linuxfoundation.org
+Message-ID: <57591359.4050607@jonasschnelli.ch>
+Subject: Re: [bitcoin-dev] BIP 151 MITM
+References: <20160608234728.GQ32334@dosf1.alfie.wtf>
+ <CAAS2fgTtu8nqwgrO1u8SRuga6ozcYt7NEDR_tv+cuA3uqgtKvA@mail.gmail.com>
+ <20160609014259.GT32334@dosf1.alfie.wtf>
+In-Reply-To: <20160609014259.GT32334@dosf1.alfie.wtf>
+
+--qSRNXs7ik6QbD2j3BUjHUtO9Q5efArpwa
+Content-Type: text/plain; charset=windows-1252
+Content-Transfer-Encoding: quoted-printable
+
+Hi
+
+> On Thu, Jun 09, 2016 at 01:24:09AM +0000, Gregory Maxwell wrote:
+>> Reduction to plaintext isn't an interesting attack vector for an activ=
+e
+>> attacker: they can simply impersonate the remote side.
+>>
+>> This is addressed via authentication, where available, which is done b=
+y a
+>> separate specification that builds on this one.
+>=20
+> Are there any links to discussions on how authentication may be done?
+
+I'm currently working on the Auth-BIP which is not worth reviewing it
+right now (I will post it to the mailing list once it has been reached a
+stable level where it can be discusses).
+
+If you can't wait, here is the current work:
+https://github.com/jonasschnelli/bips/blob/35d7e382cdd6955ff42726c3d06c44=
+e33f61ae52/bip-undef-0.mediawiki
+
+
+Most recent MITM/auth discussion (there where plenty of discussions on
+IRC about this topic):
+https://botbot.me/freenode/bitcoin-core-dev/2016-04-04/?msg=3D63463826&pa=
+ge=3D3
+
+
+</jonas>
+
+
+--qSRNXs7ik6QbD2j3BUjHUtO9Q5efArpwa--
+
+--fS1qbn8bfdss4oS3cRF3HTOIS1RNhSlsi
+Content-Type: application/pgp-signature; name="signature.asc"
+Content-Description: OpenPGP digital signature
+Content-Disposition: attachment; filename="signature.asc"
+
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2
+
+iQIcBAEBCAAGBQJXWRNZAAoJECnUvLZBb1PsmLQP/iIpjnYgQL7q0BEToEh6BYWH
+thz2P5UwKT+/2ZhC79e3vdC4LfP4iNJ8Ap19SaVydfADajtjSP2jA3RvD4XYkDYc
+iSGdsLU/tBXlbWK2rBxPXrTkoLmt94tJC52O+4AZRnfUMtgN/YDzCuw5xgfw/sxc
+0uHBQFVhVhbZ7ZPegmfCIKIxA5spNZu+34M6igJoV9nmqFC5/v5LsPDdzClXDU2k
+wLukATtST+UAWiErZ4dVG/ckIwZyxo15kdpkl+9qBxlz9BCSwvRN9g35PAdkHPDk
+j6PnHzO1AuXBFBI/oATMrYvjIztMrkQjauv/bYc1YK9+vPY9bAp8F31Ez9YYTTFn
+hJm07UON7FXn5wgrx2UcR+UbXlmIEuCbGTQR79k44lrv8FWq1rzD/5yuW6EOlA/K
+vhPeaifs1+zjG14PxOMQVZCfdy5PGDR17Xhcr7OFNZt9YEQiscpweTfJAD+PTpHn
+ru1NowGEKfdDiLAHHaIRLe4hHTdknt5O/81f6/MxpqxktJ+M5GY6q11hX5mohkC6
+PZieEa3jZc8CL+tfgGLL1qclnUhzjO49yf8KLkKeHst4nCakLPW1X8OzmyJO8aYw
+L6/BTS5MpTNyVlYCgyN0yeEOnS5UvHmXVFNrnUlAbgZAhJgRTGyHpWDuprBzdga3
+BVx/3Xib0Wl7oarnEvuM
+=l2Zx
+-----END PGP SIGNATURE-----
+
+--fS1qbn8bfdss4oS3cRF3HTOIS1RNhSlsi--
+