1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <jtimonmv@gmail.com>) id 1U9uZS-0006OE-Fe
for bitcoin-development@lists.sourceforge.net;
Mon, 25 Feb 2013 09:42:06 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.216.54 as permitted sender)
client-ip=209.85.216.54; envelope-from=jtimonmv@gmail.com;
helo=mail-qa0-f54.google.com;
Received: from mail-qa0-f54.google.com ([209.85.216.54])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1U9uZR-00020R-6Q
for bitcoin-development@lists.sourceforge.net;
Mon, 25 Feb 2013 09:42:06 +0000
Received: by mail-qa0-f54.google.com with SMTP id hg5so1436140qab.20
for <bitcoin-development@lists.sourceforge.net>;
Mon, 25 Feb 2013 01:41:26 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.229.171.139 with SMTP id h11mr2394417qcz.67.1361785286754;
Mon, 25 Feb 2013 01:41:26 -0800 (PST)
Received: by 10.49.11.140 with HTTP; Mon, 25 Feb 2013 01:41:26 -0800 (PST)
In-Reply-To: <20130222230851.GO2030@giles.gnomon.org.uk>
References: <20130222230851.GO2030@giles.gnomon.org.uk>
Date: Mon, 25 Feb 2013 10:41:26 +0100
Message-ID: <CABOyFfpy7WEYKKhdoFbEHriCYoHt8hr_5BO992yb_GRV35TmmA@mail.gmail.com>
From: =?ISO-8859-1?B?CUpvcmdlIFRpbfNu?= <jtimonmv@gmail.com>
To: Roy Badami <roy@gnomon.org.uk>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(jtimonmv[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1U9uZR-00020R-6Q
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Key retirement and key compromise
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 25 Feb 2013 09:42:06 -0000
Just create a new wallet and send everything to a new address.
I don't think additional tools for this are needed.
On 2/23/13, Roy Badami <roy@gnomon.org.uk> wrote:
> Has anyone been thinking about providing tools to allow users to cope
> with key compromise - or more generally, to manage key retirement etc?
>
> atm, if you suspect that your keys may be liable to compromise then
> what would you have to do? You'd have to create a new wallet (on a
> new computer? or is it easy to have two coexisting installs on one
> computer?) And then you'd have to make one or more payments from the
> old wallet to the new wallet, to transfer the coins. It's a pain, and
> you've lost your address book, your transaction history, etc. And
> unless you keep the old wallet about, too, you're a bit stuck if
> someone makes a payment to one of the old addresses. It's something
> that most users would baulk at unless they're really sure they're at
> significant risk.
>
> Of course, there are a spectrum of scenarios, ranging from having an
> unencrypted wallet stolen by someone who knows what it is, through to
> deciding that the passphrase you used to use when you only had a few
> dollars worth of BTC maybe isn't good enough now you've got tens of
> thousands of dollars worth of coins. Or maybe you have no reason to
> suspect there is a risk of compromise, but just have a corporate key
> management policy that recommends retiring keys after a period of
> time.
>
> What would be really nice is for bitcoin to have a big key compromise
> button, which would automatically transfer all coins to newly
> generated addresses (optionally with a pause between generation and
> transaction - to allow for a new wallet backup). Optionally, too, the
> compromised/retired addresses could be marked with a flag such that if
> someone sends coins to that address bitcoind immediately generates a
> transaction to transfer the coins to address(es) which are good.
>
> I know deterministic wallets have many proponents - but personally I
> like having a bag of keys - with the idea that over a period of time,
> old keys will routinely be retired and their balances automatically
> transfered to newly generated keys. If someone really manages to
> crack the passphrase on that 10-year-old wallet backup they got hold
> of, then if would be nice to minimise the damage they could do...
>
> And, of course, I want a big panic button that allows me to
> automatically transfer all my coins to new addresses ASAP if I
> suddenly do something stupid, like accidentally type my passphrase
> into my IRC window :-)
>
> Thoughts? Is this functionality that there is any interest in
> developing within the official client? If there is any interest in
> this then obviously the first step would be to specify exactly what
> functionality is wanted...
>
> roy
>
> -------------------------------------------------------------------------=
-----
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_d2d_feb
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
--=20
Jorge Tim=F3n
http://freico.in/
http://archive.ripple-project.org/
|