Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <melvincarvalho@gmail.com>) id 1VceR2-000408-6c for bitcoin-development@lists.sourceforge.net; Sat, 02 Nov 2013 16:52:28 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.215.49 as permitted sender) client-ip=209.85.215.49; envelope-from=melvincarvalho@gmail.com; helo=mail-la0-f49.google.com; Received: from mail-la0-f49.google.com ([209.85.215.49]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1VceR0-0007ul-Tg for bitcoin-development@lists.sourceforge.net; Sat, 02 Nov 2013 16:52:28 +0000 Received: by mail-la0-f49.google.com with SMTP id ev20so2511757lab.22 for <bitcoin-development@lists.sourceforge.net>; Sat, 02 Nov 2013 09:52:20 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.112.171.228 with SMTP id ax4mr5065136lbc.6.1383411140168; Sat, 02 Nov 2013 09:52:20 -0700 (PDT) Received: by 10.112.159.233 with HTTP; Sat, 2 Nov 2013 09:52:20 -0700 (PDT) In-Reply-To: <CANEZrP2N1DRBcN4JuXKJAodKwk=qNk5hiSnLyx1vbQ1gAd=EhQ@mail.gmail.com> References: <20131102050144.5850@gmx.com> <CANEZrP2UwEX+u0XCxmaMaRWqVMr+3E63UYnVz9oMubbsiJU+6A@mail.gmail.com> <5274FBF7.90301@iki.fi> <CANEZrP2N1DRBcN4JuXKJAodKwk=qNk5hiSnLyx1vbQ1gAd=EhQ@mail.gmail.com> Date: Sat, 2 Nov 2013 17:52:20 +0100 Message-ID: <CAKaEYhKkWGYOGrbmTtziBsDjz3wMPoPWKtfQs6bEK8-a-sfpyw@mail.gmail.com> From: Melvin Carvalho <melvincarvalho@gmail.com> To: Mike Hearn <mike@plan99.net> Content-Type: multipart/alternative; boundary=001a11c3704496945504ea348195 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: doubleclick.net] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (melvincarvalho[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1VceR0-0007ul-Tg Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Message Signing based authentication X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Sat, 02 Nov 2013 16:52:28 -0000 --001a11c3704496945504ea348195 Content-Type: text/plain; charset=ISO-8859-1 On 2 November 2013 17:26, Mike Hearn <mike@plan99.net> wrote: > Guys, identity systems for the web are off-topic for this list. Other than > the anonymous passports/SINs/fidelity bond ideas, Bitcoin doesn't have any > relevance to it. > > On Sat, Nov 2, 2013 at 2:19 PM, Hannu Kotipalo <hannu.kotipalo@iki.fi>wrote: > >> Maybe this is a bit off-topic, but the *real* answer to the question >> "why-is-nobody-using-ssl-client-certificates" is that it would force >> www pages to be encrypted and would make it a lot more difficult for >> NSA to log www-trafic. >> > > No, it wouldn't. You can log a user in using SSL and then redirect the > user back to an encrypted page, using cookies for the rest of the session. > Please don't clutter up this list with conspiracy theories. The brutal > reality is that identity is a hard problem. > Identity need not be a hard problem. In my view it is a solved problem. You have a real world entity translated to a digital format. Yes that can be slightly ambiguous at time, naming is hard, and people do get this wrong frequently. The most common problem is to name something in a way that does not scale. The solution to this problem is rather easy, and that is to use a URI to name something, which makes it global and scalable. In the case of bitcoin you could have use the bitcion URI scheme bitcion:1fhdjkfhjksf... > > > ------------------------------------------------------------------------------ > Android is increasing in popularity, but the open development platform that > developers love is also attractive to malware creators. Download this white > paper to learn more about secure code signing practices that can help keep > Android apps secure. > http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --001a11c3704496945504ea348195 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><br><div class=3D"gmail= _quote">On 2 November 2013 17:26, Mike Hearn <span dir=3D"ltr"><<a href= =3D"mailto:mike@plan99.net" target=3D"_blank">mike@plan99.net</a>></span= > wrote:<br> <blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p= x #ccc solid;padding-left:1ex"><div dir=3D"ltr">Guys, identity systems for = the web are off-topic for this list. Other than the anonymous passports/SIN= s/fidelity bond ideas, Bitcoin doesn't have any relevance to it.<div cl= ass=3D"gmail_extra"> <br><div class=3D"gmail_quote"><div class=3D"im"> On Sat, Nov 2, 2013 at 2:19 PM, Hannu Kotipalo <span dir=3D"ltr"><<a hre= f=3D"mailto:hannu.kotipalo@iki.fi" target=3D"_blank">hannu.kotipalo@iki.fi<= /a>></span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:= 0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Maybe this is a bit off-topic, but the *real* answer to the question<br> "why-is-nobody-using-ssl-client-certificates" is that it would fo= rce<br> www pages to be encrypted and would make it a lot more difficult for<br> NSA to log www-trafic.<br></blockquote><div><br></div></div><div>No, it wou= ldn't. You can log a user in using SSL and then redirect the user back = to an encrypted page, using cookies for the rest of the session. Please don= 't clutter up this list with conspiracy theories. The brutal reality is= that identity is a hard problem.</div> </div></div></div></blockquote><div><br></div><div>Identity need not be a h= ard problem.=A0 In my view it is a solved problem.<br><br></div><div>You ha= ve a real world entity translated to a digital format.=A0 Yes that can be s= lightly ambiguous at time, naming is hard, and people do get this wrong fre= quently.<br> <br></div><div>The most common problem is to name something in a way that d= oes not scale.=A0 The solution to this problem is rather easy, and that is = to use a URI to name something, which makes it global and scalable.<br><br> In the case of bitcoin you could have use the bitcion URI scheme<br><br>bit= cion:1fhdjkfhjksf...</div><div>=A0</div><blockquote class=3D"gmail_quote" s= tyle=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div= dir=3D"ltr"> <div class=3D"gmail_extra"><div class=3D"gmail_quote"> </div></div></div> <br>-----------------------------------------------------------------------= -------<br> Android is increasing in popularity, but the open development platform that= <br> developers love is also attractive to malware creators. Download this white= <br> paper to learn more about secure code signing practices that can help keep<= br> Android apps secure.<br> <a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D65839951&iu= =3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam= pad/clk?id=3D65839951&iu=3D/4140/ostg.clktrk</a><br>___________________= ____________________________<br> Bitcoin-development mailing list<br> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo= pment@lists.sourceforge.net</a><br> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development= " target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment</a><br> <br></blockquote></div><br></div></div> --001a11c3704496945504ea348195--