Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <rick.wesson@iidf.org>) id 1QlkqX-00083g-7c
	for bitcoin-development@lists.sourceforge.net;
	Tue, 26 Jul 2011 16:51:05 +0000
X-ACL-Warn: 
Received: from mail-gy0-f175.google.com ([209.85.160.175])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1QlkqW-0004TW-6f
	for bitcoin-development@lists.sourceforge.net;
	Tue, 26 Jul 2011 16:51:05 +0000
Received: by gyd12 with SMTP id 12so501561gyd.34
	for <bitcoin-development@lists.sourceforge.net>;
	Tue, 26 Jul 2011 09:50:58 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.150.207.19 with SMTP id e19mr2056430ybg.126.1311699058669;
	Tue, 26 Jul 2011 09:50:58 -0700 (PDT)
Received: by 10.151.114.15 with HTTP; Tue, 26 Jul 2011 09:50:58 -0700 (PDT)
In-Reply-To: <1311697476.23041.7.camel@Desktop666>
References: <CAJ1JLts5_r6hHoJR-gS-CuuvS00p=RQ6iYbCyOkBDcvgs1xtew@mail.gmail.com>
	<1311644156.29866.4.camel@Desktop666>
	<CAJ1JLts9vcF7bGo8udK9OicWhAUHvmeFDrZQDKBoGQbp-nYGrw@mail.gmail.com>
	<1311678417.21495.9.camel@Desktop666>
	<CAJ1JLtvHubiC_f_a17fnXODs54CCdmxPf8+Zz4M5X9d8VEfFSQ@mail.gmail.com>
	<1311691885.23041.2.camel@Desktop666>
	<CAJ1JLtsLXEPFkBuHf6ZKUSVYUnY+NL7TtsEswGvdTYtrZZTXWw@mail.gmail.com>
	<1311697476.23041.7.camel@Desktop666>
Date: Tue, 26 Jul 2011 09:50:58 -0700
Message-ID: <CAJ1JLtskNnCB1cbUBht3oAVWuYPSF82GoNacMbqcN0YGd5Pvxw@mail.gmail.com>
From: Rick Wesson <rick@support-intelligence.com>
To: Matt Corallo <bitcoin-list@bluematt.me>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: 0.4 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	0.4 AWL AWL: From: address is in the auto white-list
X-Headers-End: 1QlkqW-0004TW-6f
Cc: bitcoin-development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] bitcoin DNS addresses
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 26 Jul 2011 16:51:05 -0000

[snip]

> I totally agree, however I don't think DNS-based resolving is a good
> idea here. =A0HTTPS does have several advantages over a DNSSEC-based
> solution without any significant drawbacks that I can see.

To restate your (con dnssec) points:
   o DNS resolution of bitcoin addresses is bad because of potential
MITM attacks
   o DNSSEC is not a security measure for mitigating DNS resolution of
bitcoin addresses
      because the application would require its own dnssec enabled stub res=
olver

Please restate
   o HTTPS is your preferred method for resolution because?

If you can enumerate your advantages so I can develop a proper
response to the points you have raised.

thanks,

-rick