Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WUaM9-0004NS-Lm for bitcoin-development@lists.sourceforge.net; Mon, 31 Mar 2014 11:26:21 +0000 X-ACL-Warn: Received: from slow1-d.mail.gandi.net ([217.70.178.86]) by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1WUaM7-0005S4-S0 for bitcoin-development@lists.sourceforge.net; Mon, 31 Mar 2014 11:26:21 +0000 Received: from relay4-d.mail.gandi.net (relay4-d.mail.gandi.net [217.70.183.196]) by slow1-d.mail.gandi.net (Postfix) with ESMTP id F094F47A026 for ; Mon, 31 Mar 2014 13:15:20 +0200 (CEST) Received: from mfilter15-d.gandi.net (mfilter15-d.gandi.net [217.70.178.143]) by relay4-d.mail.gandi.net (Postfix) with ESMTP id 313C7172098; Mon, 31 Mar 2014 13:15:14 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mfilter15-d.gandi.net Received: from relay4-d.mail.gandi.net ([217.70.183.196]) by mfilter15-d.gandi.net (mfilter15-d.gandi.net [10.0.15.180]) (amavisd-new, port 10024) with ESMTP id 1laJjErrYzL3; Mon, 31 Mar 2014 13:15:12 +0200 (CEST) X-Originating-IP: 178.50.82.118 Received: from [10.53.66.118] (ptra-178-50-82-118.mobistar.be [178.50.82.118]) (Authenticated sender: chris.dcosta@meek.io) by relay4-d.mail.gandi.net (Postfix) with ESMTPSA id 898EC1720B2; Mon, 31 Mar 2014 13:15:07 +0200 (CEST) References: <5339418F.1050800@riseup.net> Mime-Version: 1.0 (1.0) In-Reply-To: <5339418F.1050800@riseup.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Message-Id: <51C10069-5C3B-462A-9184-669ABC6CD9D0@meek.io> X-Mailer: iPhone Mail (11B651) From: Chris D'Costa Date: Mon, 31 Mar 2014 13:14:49 +0200 To: vv01f X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [217.70.178.86 listed in list.dnswl.org] X-Headers-End: 1WUaM7-0005S4-S0 Cc: "bitcoin-development@lists.sourceforge.net" Subject: Re: [Bitcoin-development] secure assigned bitcoin address directory X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 31 Mar 2014 11:26:21 -0000 Security of transmission of person-to-person pay-to addresses is one of the u= se cases that we are addressing on our hardware wallet.=20 I have yet to finish the paper but in a nutshell it uses a decentralised led= ger of, what we refer to as, "device keys".=20 These keys are not related in any way to the Bitcoin keys, (which is why I'm= hesitating about discussing it here) neither do they even attempt to identi= fy the human owner if the device. But they do have a specific use case and t= hat is to provide "advanced knowledge" of a publickey that can be used for e= ncrypting a message to an intended recipient, without the requirement for a t= hird-party CA, and more importantly without prior dialogue. We think it is t= his that would allow you to communicate a pay-to address to someone without s= eeing them in a secure way. As I understand it the BlockChain uses "time" bought through proof of work t= o establish a version of the truth, we are using time in the reverse sense := advanced knowledge of all pubkeys. Indeed all devices could easily check th= eir own record to identify problems on the ledger. There is of course more to this, but I like to refer to the "distributed led= ger of device keys" as the "Web-of-trust re-imagined" although that isn't st= rictly true. Ok there you have it. The cat is out of the bag, feel free to give feedback,= I have to finish the paper, apologies if it is not a topic for this list. Regards Chris D'Costa > On 31 Mar 2014, at 12:21, vv01f wrote: >=20 > Some users on bitcointalk[0] would like to have their vanity addresses > available for others easily to find and verify the ownership over a kind > of WoT. Right now they sign their own addresses and quote them in the > forums. > As I pointed out there already the centralized storage in the forums is > not secury anyhow and signed messages could be swapped easily with the > next hack of the forums. >=20 > Is that use case taken care of in any plans already? >=20 > I thought about abusing pgp keyservers but that would suit for single > vanity addresses only. > It seems webfinger could be part of a solution where servers of a > business can tell and proof you if a specific address is owned by them. >=20 > [0] https://bitcointalk.org/index.php?topic=3D502538 > [1] https://bitcointalk.org/index.php?topic=3D505095 >=20 > --------------------------------------------------------------------------= ---- > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development