Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 11296B75 for ; Thu, 9 Mar 2017 01:08:06 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pg0-f41.google.com (mail-pg0-f41.google.com [74.125.83.41]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 611D1258 for ; Thu, 9 Mar 2017 01:08:05 +0000 (UTC) Received: by mail-pg0-f41.google.com with SMTP id 25so19594856pgy.0 for ; Wed, 08 Mar 2017 17:08:05 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=voskuil-org.20150623.gappssmtp.com; s=20150623; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to; bh=S5XrC9PwTZpc6g2BMhwsk5RvbWTonBbTYyqiUe3MAfo=; b=yXguK7FKq92jt/YsupFfTtbNX0OnHmF3lXYKRXvhqLJrTo1WWZ4WEVU33aoa2HhCp1 ZRxjjoLy1WJx0M2dXYGXkzSFzveDpoH5jEOOVKvAyVEvuVmKOmbi4+hdmX7bsDIQUbyS +aFcC+VdiMfJ8Q65evJwV1QXpqPf1SSgfMWAkzBgGSH0LQZAmHhp8EenA+rP+DmlXdk4 XkKE9EKYlnBwlvlX5VwqayzsM4h7jdC7rS+ekkF9fvU0fbQQn12lMKfnd2Xx9KffLzDA O9HdTGwtk0laXn43geL91yddrNkGiT6JOuFVv+GWCWk4L5InNzxpGLakuU3sl38lXeYf 5f3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to; bh=S5XrC9PwTZpc6g2BMhwsk5RvbWTonBbTYyqiUe3MAfo=; b=ANe2+KFlo3o4W7FQXSKgiRj2b0YEp4WQdaE4uAEw4zAukAqpKvVhsCjWFqHh6RNB7b 97hRwY5XRXc68/fVTqd87Bzncbtj8mmOyfO2Rmjur3tHDjdAqjS1p8z6Lpy5iZ/52dJ7 0nKFoP9hbFioynKSFWX3HuqnErMrUoiBmRa+r/GnQpZnNdVjM8h53hy8JUnidn/JWFKr INuhXW5gf0N+KV4PWMhMQ34jd2rAoEku7vttVn3E3RC8JBZeVG25RuIOVtynRnk9E58B qzlKmwaNK1Pw0j2uKnOGCb7SK7kP6yRudFfxld4vL6ILQgiS4vQwu9fVOfI/lVG8cxxG 3sbg== X-Gm-Message-State: AMke39ld0HDXgVuRR5DdSVwK5WBlP4ed3HsaE3a+B+j5Xnkuxvm5+1RZ8Bjqq8KfW6K5nQ== X-Received: by 10.99.143.18 with SMTP id n18mr10515852pgd.177.1489021684814; Wed, 08 Mar 2017 17:08:04 -0800 (PST) Received: from ?IPv6:2601:600:9000:d69e:ed9e:f718:c16a:40c9? ([2601:600:9000:d69e:ed9e:f718:c16a:40c9]) by smtp.gmail.com with ESMTPSA id m136sm8413255pga.22.2017.03.08.17.08.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 08 Mar 2017 17:08:03 -0800 (PST) To: Jonas Schnelli References: <30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch> <31FB94D1-5B5B-43EF-AFD8-2A7508464F7C@jonasschnelli.ch> From: Eric Voskuil X-Enigmail-Draft-Status: N1110 Message-ID: <056457a2-7cae-e54d-1eab-681dcf4be002@voskuil.org> Date: Wed, 8 Mar 2017 17:08:04 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1 MIME-Version: 1.0 In-Reply-To: <31FB94D1-5B5B-43EF-AFD8-2A7508464F7C@jonasschnelli.ch> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="JNjn99LDsLV34twhFRS4C2xmN80jUACrT" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Thu, 09 Mar 2017 01:13:40 +0000 Cc: Bitcoin Protocol Discussion , Libbitcoin Development Subject: Re: [bitcoin-dev] Unique node identifiers X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 01:08:06 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --JNjn99LDsLV34twhFRS4C2xmN80jUACrT Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 03/08/2017 01:20 PM, Jonas Schnelli wrote: > >> Am 08.03.2017 um 22:09 schrieb Eric Voskuil : >> >> On 03/08/2017 11:47 AM, Jonas Schnelli wrote: >>>>> Nodes are by design not supposed to be identifiable in any way >>>> >>>> This is of course my objection to BIP150 ("a way for peers to ... >>>> guarantee node ownership=E2=80=9C). >>> >>> Please Eric. Stop spreading FUD. >> >> I'm always willing to debate this issue. I'm generally a little >> suspicious of one who demands another person to stop arguing. I got at= >> least one such demand (along with a threat) on this subject privately >> last summer from a notable Core dev. There is a lengthy thread on this= >> subject in which I raised these issues. Everyone is free to review tha= t >> discussion. > What you did say in the sentence above (and I think is FUD) is, that BIP150 will lead to every node being identifiable. My argument against BIP150 (and 151) is based on the very real concern that it provides a built-in mechanism to partition the network (while also providing no meaningful privacy benefit). > This is just completely wrong. The only actual argument that I have seen from *anyone* to date is that this is *unlikely* to happen. That was specifically Pieter's position last summer. That argument is not technical but instead based on blind trust in people. The common refrain, which Pieter has penned again in a follow-up to this post, is that we already have identity in terms of IP addresses, so what's the harm. I find this argument ironic given that one of the arguments in favor of this proposal is that IP address identification is insufficient to establish identity. I assume that you both understand there is a very meaningful distinction between strong identity and weak identity. The other argument that is often given is that, because we are talking about privately shared as opposed to published identifiers, there is no reason for concern. This entirely misses the point. The ability to establish strong identity makes it trivial for someone to (strongly) require the identity of anyone with who he/she allows a connection. This is the *stated purpose* of BIP150. This turns the Bitcoin security model on its head. Instead of validating content this validates people. Given the current level of economic and hash power centralization it is not at all hard to imagine that through fear/consequences of regulatory controls or even poor scalability, that these points of centralization will eventually start by establishing private connections, and eventually require anyone connecting to them to "preshare" an identifier (which of course identifies the person). At that point Bitcoin P2P will have become a private network. I know you have the right motivation, but I do not understand why you would ignore this risk in exchange for a false sense of privacy. There is a very clear path to this happening. So please explain to me how this concern is "wrong". This is *not* a technical question, I know perfectly well how the scheme works. > There is nothing to say against a technical debate (and we had this), but I will ask you to stop if I see you attacking BIP150/151 at every occasion with FUDish arguments like this. Take a step back and consider that there may in fact be serious consequences to what you are proposing. Calling may arguments "attacking" and "FUD" is unproductive. e --JNjn99LDsLV34twhFRS4C2xmN80jUACrT Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQEcBAEBAgAGBQJYwKr1AAoJEDzYwH8LXOFOeQoIAJC29LvgQmm4rPPQcvACd6Nj BehzJIvoa6svKJGB+nZltmgHVYuHFvqiVlpCvMZHqndE7nuqLjnWQPPRHUgClAr1 0AoU7Lc87rIG8XAJvSgKhsnkVTDcJRFsfh+p1DF8VSe5rO49Wf4a/FM42O4jcMDY nRbXeHIKtjU/V7egWmsNM5jYq0Po0IXAo/QxfN72qV5tqVinxwbRnlI3a+BaBZZO OMbQ4IPsVtJ5BS+hqA01OzOPSjG4R2ryZ6c+OMcnLoOBlp+6YL6b9IstA/mLxX9e iltjUuLcrCr+l2Vop7bh6DE1kkddZ/AWZuLWnOdoX0K06/hCWONwHPu2Nglrn6g= =sxOL -----END PGP SIGNATURE----- --JNjn99LDsLV34twhFRS4C2xmN80jUACrT--