Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Vxzwo-0006mo-EI for bitcoin-development@lists.sourceforge.net; Tue, 31 Dec 2013 14:05:30 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.219.51 as permitted sender) client-ip=209.85.219.51; envelope-from=benjamin.l.cordes@gmail.com; helo=mail-oa0-f51.google.com; Received: from mail-oa0-f51.google.com ([209.85.219.51]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Vxzwn-00068n-EJ for bitcoin-development@lists.sourceforge.net; Tue, 31 Dec 2013 14:05:30 +0000 Received: by mail-oa0-f51.google.com with SMTP id i7so13057288oag.38 for ; Tue, 31 Dec 2013 06:05:24 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.182.49.166 with SMTP id v6mr48360235obn.13.1388498723999; Tue, 31 Dec 2013 06:05:23 -0800 (PST) Received: by 10.182.233.13 with HTTP; Tue, 31 Dec 2013 06:05:23 -0800 (PST) In-Reply-To: References: <52A3C8A5.7010606@gmail.com> <1795f3067ba3fcdd0caf978cc59ff024.squirrel@fruiteater.riseup.net> <52A435EA.7090405@gmail.com> <201312081237.24473.luke@dashjr.org> <20131212205106.GA4572@netbook.cypherspace.org> Date: Tue, 31 Dec 2013 15:05:23 +0100 Message-ID: From: Benjamin Cordes To: Gregory Maxwell Content-Type: multipart/alternative; boundary=047d7b5d2ea437136304eed50d03 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: doubleclick.net] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (benjamin.l.cordes[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1Vxzwn-00068n-EJ Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Dedicated server for bitcoin.org, your thoughts? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Dec 2013 14:05:30 -0000 --047d7b5d2ea437136304eed50d03 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable Interesting. I think the original BitDNS discussion was more interesting that what currently is happening with namecoin, see https://bitcointalk.org/index.php?topic=3D1790.0 Satoshi said there: "1) IP records don't need to be in the chain, just do registrar function not DNS. And CA problem solved, neat." Besides, ICANN is currently selling out the global public namespace - not that anybody really cares about such measly topics as the ownership of global namespaces. And so some guy on the Cayman Islands is now the largest holder of TLD's. On Tue, Dec 31, 2013 at 2:48 PM, Gregory Maxwell wrote= : > On Tue, Dec 31, 2013 at 5:39 AM, Drak wrote: > > The NSA has the ability, right now to change every download of > bitcoin-qt, > > on the fly and the only cure is encryption. > > Please cut it out with the snake oil pedaling. This is really over the > top. You're invoking the NSA as the threat here? Okay. The NSA can > trivially compromise an HTTPS download site: even ignoring the CA > insecurity, and government run CAs certificate authorities issue CA > certs to random governments and corporations for dataloss prevention > purposes. Not to mention unparalleled access to exploits. > > The downloads are protected by something far stronger than SSL > already, which might even have a chance against the NSA. Actual > signatures of the downloads with offline keys. > > I'm all pro-SSL and all that, but you are=97 piece by piece=97 really > convincing me that it produces an entirely false sense of security > which is entirely unjustified. > > > -------------------------------------------------------------------------= ----- > Rapidly troubleshoot problems before they affect your business. Most IT > organizations don't have a clear picture of how application performance > affects their revenue. With AppDynamics, you get 100% visibility into you= r > Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics > Pro! > http://pubads.g.doubleclick.net/gampad/clk?id=3D84349831&iu=3D/4140/ostg.= clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --047d7b5d2ea437136304eed50d03 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: quoted-printable
Interesting. I think the original BitDNS discussion was mo= re interesting that what currently is happening with namecoin, see https://bitcointalk.o= rg/index.php?topic=3D1790.0

Satoshi said there: "1) IP records don't need to be in the cha= in, just do registrar function not DNS. =A0And CA problem solved, neat.&quo= t;

Besides, ICANN is currently selling out the global public namesp= ace - not that anybody really cares about such measly topics as the ownersh= ip of global namespaces. And so some guy on the Cayman Islands is now the l= argest holder of TLD's.

On Tue, Dec 31, 2= 013 at 2:48 PM, Gregory Maxwell <gmaxwell@gmail.com> wrote:=
On Tue, Dec 31, 2013 at 5:39 AM, Drak <drak@zikula.org> wrote:
> The NSA has the ability, right now to change every download of bitcoin= -qt,
> on the fly and the only cure is encryption.

Please cut it out with the snake oil pedaling. This is really over th= e
top. You're invoking the NSA as the threat here? Okay. The NSA can
trivially compromise an HTTPS download site: even ignoring the CA
insecurity, and government run CAs certificate authorities issue CA
certs to random governments and corporations for dataloss prevention
purposes. Not to mention unparalleled access to exploits.

The downloads are protected by something far stronger than SSL
already, which might even have a chance against the NSA. Actual
signatures of the downloads with offline keys.

I'm all pro-SSL and all that, but you are=97 piece by piece=97 really convincing me that it produces an entirely false sense of security
which is entirely unjustified.

---------------------------------------------------------------------------= ---
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance=
affects their revenue. With AppDynamics, you get 100% visibility into your<= br> Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynami= cs Pro!
http://pubads.g.doubleclick.net/gam= pad/clk?id=3D84349831&iu=3D/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment

--047d7b5d2ea437136304eed50d03--