Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WW63D-0005k3-So for bitcoin-development@lists.sourceforge.net; Fri, 04 Apr 2014 15:29:03 +0000 X-ACL-Warn: Received: from mail-ob0-f170.google.com ([209.85.214.170]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WW63C-0006YM-Qb for bitcoin-development@lists.sourceforge.net; Fri, 04 Apr 2014 15:29:03 +0000 Received: by mail-ob0-f170.google.com with SMTP id uz6so3658244obc.15 for ; Fri, 04 Apr 2014 08:28:57 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=+s/X2dw2gQ6i4SAJWdXfxmYOe5i3k+NmtmiZ9gYXI1A=; b=XZRZZx/4yRzM9Ste5ykq1s1f2m9N1gNw9c37Ee9S2vo5Vr7vSh6wa9J0Nhf68lDjiJ pA3EibnSWH0vkTX1evG/Y9w+4YOFfuolpSnF34q/KtatSJklRIsZSXwmsvaSJgbYrQSB I6IqcEJrGsgVC8Y9Naa74hgcNFKXZswbSuCPZf8jLBRkxBl43NIiyix35Ydjf5ENiAGS 0VTr7v/Q6rB5aVJHcutFvkyo34jK5Dw/fKbEmziDhGh0XVAITt7qPwUDOTC/Xlb9wqex bu34e9HHaEQ8Zw+N0jZRpoBFcffwnfqKgFAeXoFve9iinJ4hQs+aTn4/zcw0h4F9Kmq5 yq+A== X-Gm-Message-State: ALoCoQmiDIdfeQF7eWSk78Sv7HMsvz3DQtHzT5YMzrHuJL1PG0fGuord1nzlvq8JNuqmRAiRrcSe X-Received: by 10.60.157.167 with SMTP id wn7mr20155041oeb.7.1396625337376; Fri, 04 Apr 2014 08:28:57 -0700 (PDT) MIME-Version: 1.0 Sender: marek@palatinus.cz Received: by 10.60.102.9 with HTTP; Fri, 4 Apr 2014 08:28:27 -0700 (PDT) In-Reply-To: References: From: slush Date: Fri, 4 Apr 2014 17:28:27 +0200 X-Google-Sender-Auth: yAIqSTQ0GQ9wIl3aTD6ZZ372BSc Message-ID: To: =?ISO-8859-1?Q?Eric_Larchev=EAque?= Content-Type: multipart/alternative; boundary=047d7bd6b1f61f014e04f6392d56 X-Spam-Score: 1.0 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (slush[at]centrum.cz) 1.0 HTML_MESSAGE BODY: HTML included in message X-Headers-End: 1WW63C-0006YM-Qb Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Apr 2014 15:29:04 -0000 --047d7bd6b1f61f014e04f6392d56 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On Fri, Apr 4, 2014 at 5:09 PM, Eric Larchev=EAque wrote= : > On Fri, Apr 4, 2014 at 4:56 PM, slush wrote: > >> I'm cracking my head for many months with the idea of using TREZOR for >> web auth purposes. Unfortunately I'm far from any usable solution yet. >> >> My main comments to your BIP: Don't use bitcoin addresses directly and >> don't encourage services to use this "login" for financial purposes. Mik= e >> is right, mixing authentication and financial services is wrong. Use som= e >> function to generate other private/public key from bitcoin's seed/privat= e >> key to not leak bitcoin-related data to website. >> >> > I'm probably very naive, but the fact that the authentication key is your > Bitcoin address was for me a great feature :) > What are the risks associated of id yourself with a bitcoin address you > plan to use on the website for transaction ? > > Ideally you should not reuse the address, so the website will need more addresses or bip32 xpub anyway. By using wallet address and accidentally using such address in some transaction, you may be leaking your identity with with other business - think about Silkroad (sorry Mike :-). By using derived key, you can be sure your identity won't be linked with any other activity on the internet. I mean, what is the difference between doing that, and id with a login/pass > and add your bitcoin address in a settings field ? (knowing you could > always find a mechanism to transfer the account to another bitcoin addres= s > if needed) > > *) You can change address in settings field. It's not so easy when addres= s =3D=3D your identity. *) There's plenty of websites which do need authentication but don't need to know your bank account / bitcoin address at all. Facebook, Gmail, Twitter ... Ideally, the user should not care about "what address do I use for this service", because in the future user should not care about addresses at all (handling of private keys is already eliminated by bip32, handling of raw addresses may be eliminated soon by bip70 or similar solutions). I can imagine that the private/public data will be derived automatically from some secret master key (ideally derived from bip32 seed, which is already secured well by the user) and the URL of the service. Marek --047d7bd6b1f61f014e04f6392d56 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
On F= ri, Apr 4, 2014 at 5:09 PM, Eric Larchev=EAque <elarch@gmail.com> wrote:
=
On Fri, Apr 4, 2014 at 4:56 PM, = slush <slush@centrum.cz> wrote:
I'm cracking my head for many months with the idea of = using TREZOR for web auth purposes. Unfortunately I'm far from any usab= le solution yet.

My main comments to your BIP: Don't= use bitcoin addresses directly and don't encourage services to use thi= s "login" for financial purposes. Mike is right, mixing authentic= ation and financial services is wrong. Use some function to generate other = private/public key from bitcoin's seed/private key to not leak bitcoin-= related data to website.


I'm probabl= y very naive, but the fact that the authentication key is your Bitcoin addr= ess was for me a great feature :)
What are the risks associated o= f id yourself with a bitcoin address you plan to use on the website for tra= nsaction ?


Ideally y= ou should not reuse the address, so the website will need more addresses or= bip32 xpub anyway.

By using wallet address and ac= cidentally using such address in some transaction, you may be leaking your = identity with with other business - think about Silkroad (sorry Mike :-).

=A0By using derived key, you can be sure your identity = won't be linked with any other activity on the internet.

=
I mean, what is the difference between doing that, and id with = a login/pass and add your bitcoin address in a settings field ? (knowing yo= u could always find a mechanism to transfer the account to another bitcoin = address if needed)

*) You can= change address in settings field. It's not so easy when address =3D=3D= your identity.
*) =A0There's plenty of websites which do nee= d authentication but don't need to know your bank account / bitcoin add= ress at all. Facebook, Gmail, Twitter ...

Ideally, the user should not care about "what addr= ess do I use for this service", because in the future user should not = care about addresses at all (handling of private keys is already eliminated= by bip32, handling of raw addresses may be eliminated soon by bip70 or sim= ilar solutions).

I can imagine that the private/public data will be deri= ved automatically from some secret master key (ideally derived from bip32 s= eed, which is already secured well by the user) and the URL of the service.= =A0

Marek
--047d7bd6b1f61f014e04f6392d56--