1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
Return-Path: <pete@petertodd.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id DFAE8A58
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 30 Jun 2016 19:06:18 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from outmail148109.authsmtp.co.uk (outmail148109.authsmtp.co.uk
[62.13.148.109])
by smtp1.linuxfoundation.org (Postfix) with ESMTP id 9E39F13A
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 30 Jun 2016 19:06:17 +0000 (UTC)
Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232])
by punt22.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5UJ6Grg004518;
Thu, 30 Jun 2016 20:06:16 +0100 (BST)
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
[52.5.185.120]) (authenticated bits=0)
by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5UJ6Dvw036040
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
Thu, 30 Jun 2016 20:06:14 +0100 (BST)
Received: from [127.0.0.1] (localhost [127.0.0.1])
by petertodd.org (Postfix) with ESMTPSA id BFB4D4010C;
Thu, 30 Jun 2016 19:04:01 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000)
id 2DE6A2056F; Thu, 30 Jun 2016 15:06:13 -0400 (EDT)
Date: Thu, 30 Jun 2016 15:06:13 -0400
From: Peter Todd <pete@petertodd.org>
To: Eric Voskuil <eric@voskuil.org>
Message-ID: <20160630190613.GA6758@fedora-21-dvm>
References: <577234A4.3030808@jonasschnelli.ch>
<360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org>
<20160629111728.GO13338@dosf1.alfie.wtf>
<2981A919-4550-4807-8ED9-F8C51B2DC061@voskuil.org>
<57750EAB.3020105@jonasschnelli.ch>
<426C2AA3-BFB8-4C41-B4DF-4D6CC11988B2@voskuil.org>
<577513DB.60101@jonasschnelli.ch>
<F4BDD091-FD80-4EE9-93EF-735B6BBE253C@voskuil.org>
<20160630165227.GA5816@fedora-21-dvm>
<663B51FE-D8D5-4570-ACA6-D1405D98C773@voskuil.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="yrj/dFKFPuw6o+aM"
Content-Disposition: inline
In-Reply-To: <663B51FE-D8D5-4570-ACA6-D1405D98C773@voskuil.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Server-Quench: b7a4c32d-3ef5-11e6-829e-00151795d556
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
aQdMdQIUEkAaAgsB AmAbWVReUFt7WGY7 bghPaBtcak9QXgdq
T0pMXVMcUQANexp1 QFkeUR9ycwUIeX53 YU8sDHcKWBd5dxJg
QRsCEHAHZDJmdWgd WRVFdwNVdQJNdxoR b1V5GhFYa3VsNCMk
FAgyOXU9MCtqYA50 eklUcAt6
X-Authentic-SMTP: 61633532353630.1037:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] BIP 151
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jun 2016 19:06:19 -0000
--yrj/dFKFPuw6o+aM
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Jun 30, 2016 at 08:25:45PM +0200, Eric Voskuil wrote:
> > To be clear, are you against Bitcoin Core's tor support?
> >=20
> > Because node-to-node connections over tor are encrypted, and make use o=
f onion
> > addresses, which are self-authenticated in the exact same way as BIP151=
proposes.
>=20
> BIP151 is self-admittedly insufficient to protect against a MITM attack. =
It proposes node identity to close this hole (future BIP required). The yet=
-to-be-specified requirement for node identity is the basis of my primary c=
oncern. This is not self-authentication.
>=20
> > And we're shipping that in production as of 0.12.0, and by default Tor =
onion support is enabled and will be automatically setup if you have a rece=
nt version of Tor installed.
> >=20
> > Does that "create pressure to expand node identity"?
>=20
> The orthogonal question of whether Tor is safe for use with the Bitcoin P=
2P protocol is a matter of existing research.
I don't think you answered my question.
Again, we _already have_ the equivalent of BIP151 functionality in Bitcoin
Core, shipping in production, but implemented with a Tor dependency.
BIP151 removes that dependency on Tor, enabling encrypted connections
regardless of whether or not you have Tor installed.
So any arguments against BIP151 being implemented, are equally arguments
against our existing Tor onion support. Are you against that support? Becau=
se
if you aren't, you can't have any objections to BIP151 being implemented
either.
--=20
https://petertodd.org 'peter'[:-1]@petertodd.org
--yrj/dFKFPuw6o+aM
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCAAGBQJXdW2iAAoJEGOZARBE6K+y0b4H/Ate3MT9sQPjK+e/H8zWs1pr
Pkrll3ppDjkiz2VoABJ9hIw8jR0GoZkeXsO2RYNcI1u9M7MDScNO5+TK87815TKX
2xVIE9tkOLix6xndbtbnw+2cbwmz2IatLQQ7MHzoj9W5Qa0gYSouX6i3eq9+7emm
JR2RQd3w6g6hGZC41UdlUMrBx5eUdn8gxPFgt+Z5tdJpF0V94k4HotGgXikDl01r
DGxGpO0ob6MlrsCDYi9VMbkPPkxSLrJfRCIkfnl8/DrcWoUWaFfK3LLx3845J4bs
AFdbZpw01joRbRJNkEo8ipC96EVjMjxC5v67yYjcX/+dkCiKMbIvxWXaMq7h5j8=
=nAS8
-----END PGP SIGNATURE-----
--yrj/dFKFPuw6o+aM--
|