1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <mh.in.england@gmail.com>) id 1WLrZs-0000bg-9I
for bitcoin-development@lists.sourceforge.net;
Fri, 07 Mar 2014 10:00:28 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.214.174 as permitted sender)
client-ip=209.85.214.174; envelope-from=mh.in.england@gmail.com;
helo=mail-ob0-f174.google.com;
Received: from mail-ob0-f174.google.com ([209.85.214.174])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1WLrZq-0007tP-VQ
for bitcoin-development@lists.sourceforge.net;
Fri, 07 Mar 2014 10:00:28 +0000
Received: by mail-ob0-f174.google.com with SMTP id wo20so3913301obc.33
for <bitcoin-development@lists.sourceforge.net>;
Fri, 07 Mar 2014 02:00:21 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.60.44.8 with SMTP id a8mr10220539oem.19.1394186421612; Fri,
07 Mar 2014 02:00:21 -0800 (PST)
Sender: mh.in.england@gmail.com
Received: by 10.76.71.231 with HTTP; Fri, 7 Mar 2014 02:00:21 -0800 (PST)
In-Reply-To: <CAJoe_wFeyFvxbd2nSD2yztJ_qjRQ=AKZj8pBOXs-ChKKbaZeuQ@mail.gmail.com>
References: <CANEZrP3w9c_UX3dd+7LdWNXCEwjnAG+bYWxqKYo_fzakWQu=Bg@mail.gmail.com>
<lf9m0e$q7t$1@ger.gmane.org>
<CAJoe_wFeyFvxbd2nSD2yztJ_qjRQ=AKZj8pBOXs-ChKKbaZeuQ@mail.gmail.com>
Date: Fri, 7 Mar 2014 11:00:21 +0100
X-Google-Sender-Auth: iSpzil1ItjmVgGPM3fUTqMLDO-w
Message-ID: <CANEZrP3r3Xtv1BDK3k5u40xqa7WZn2G5NB6+-YGEbey60Wezgw@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: johannes@zweng.at
Content-Type: multipart/alternative; boundary=001a11c2e45869391d04f401525a
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(mh.in.england[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WLrZq-0007tP-VQ
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>,
Andreas Schildbach <andreas@schildbach.de>
Subject: Re: [Bitcoin-development] Instant / contactless payments
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 07 Mar 2014 10:00:28 -0000
--001a11c2e45869391d04f401525a
Content-Type: text/plain; charset=UTF-8
HCE is a bit scary. It's like the card companies tried the secure element
thing, decided the security was too hard and were like "screw it, let's
just use regular apps after all". Not that we're any better :)
At any rate, Bitcoin doesn't have any need to emulate smartcards as we
don't have any pre-existing infrastructure. We can just use a regular
non-smarcard-emulation ISO-DEP protocol. The new UI in Android 4.4 provides
some way to choose the default payment app, but I think it's only intended
to disambiguate between credit card providers. Everything else gets dumped
into CATEGORY_OTHER and I dunno what happens if you have multiple Bitcoin
wallet apps doing the same thing. Worst case, we can add some
disambiguation code on top, inside the apps themselves.
On Fri, Mar 7, 2014 at 10:26 AM, Johannes Zweng <johannes@zweng.at> wrote:
>
> 2014-03-06 12:26 GMT+01:00 Andreas Schildbach <andreas@schildbach.de>:
>
>
>
>> In current phone implementations, the screen must be on already for NFC
>> to be active. Also it must be unlocked, although I certainly hope future
>> OSes will allow payment apps on the lock screen, just like they allow
>> music players.
>
>
> Just a small input to this point:
> On Android 4.4 the new host card emulation (HCE) feature (aka: the phone
> emulates a ISO-DEP Smartcard and processes ISO7816-4 APDU commands like a
> Smartcard would do) only works when the display is on, but even when the
> screen is locked (can be changed with "android:requireDeviceUnlock" in
> Manifest). See here for detailled specification:
> http://developer.android.com/guide/topics/connectivity/nfc/hce.html
>
> Using the HCE API on Android 4.4 also has the beauty that any app that
> registers itself for HCE and sets its category to CATEGORY_PAYMENT in the
> Manifest automatically shows up in Adroid's system settings under "Tap &
> Pay" (where a user would expect payment applications).
>
>
>
>
> ------------------------------------------------------------------------------
> Subversion Kills Productivity. Get off Subversion & Make the Move to
> Perforce.
> With Perforce, you get hassle-free workflows. Merge that actually works.
> Faster operations. Version large binaries. Built-in WAN optimization and
> the
> freedom to use Git, Perforce or both. Make the move to Perforce.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=122218951&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
--001a11c2e45869391d04f401525a
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">HCE is a bit scary. It's like the card companies tried=
the secure element thing, decided the security was too hard and were like =
"screw it, let's just use regular apps after all". Not that w=
e're any better :)<div>
<br></div><div>At any rate, Bitcoin doesn't have any need to emulate sm=
artcards as we don't have any pre-existing infrastructure. We can just =
use a regular non-smarcard-emulation ISO-DEP protocol. The new UI in Androi=
d 4.4 provides some way to choose the default payment app, but I think it&#=
39;s only intended to disambiguate between credit card providers. Everythin=
g else gets dumped into CATEGORY_OTHER and I dunno what happens if you have=
multiple Bitcoin wallet apps doing the same thing. Worst case, we can add =
some disambiguation code on top, inside the apps themselves.</div>
<div><br></div></div><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Fri, Mar 7, 2014 at 10:26 AM, Johannes Zweng <span dir=3D"ltr">&=
lt;<a href=3D"mailto:johannes@zweng.at" target=3D"_blank">johannes@zweng.at=
</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div class=3D"gmail_extra">=
<br><div class=3D"gmail_quote">2014-03-06 12:26 GMT+01:00 Andreas Schildbac=
h <span dir=3D"ltr"><<a href=3D"mailto:andreas@schildbach.de" target=3D"=
_blank">andreas@schildbach.de</a>></span>:<div class=3D"">
<br>
<div>=C2=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px =
0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-l=
eft-style:solid;padding-left:1ex">In current phone implementations, the scr=
een must be on already for NFC<br>
to be active. Also it must be unlocked, although I certainly hope future<br=
>
OSes will allow payment apps on the lock screen, just like they allow<br>
music players.</blockquote><div><br></div></div><div>Just a small input to =
this point:</div><div>On Android 4.4 the new host card emulation (HCE) feat=
ure (aka: the phone emulates a ISO-DEP Smartcard and processes=C2=A0ISO7816=
-4 APDU commands like a Smartcard would do) only works when the display is =
on, but even when the screen is locked (can be changed with "android:r=
equireDeviceUnlock" in Manifest). See here for detailled specification=
:=C2=A0<a href=3D"http://developer.android.com/guide/topics/connectivity/nf=
c/hce.html" target=3D"_blank">http://developer.android.com/guide/topics/con=
nectivity/nfc/hce.html</a></div>
<div><br></div><div>Using the HCE API on Android 4.4 also has the beauty th=
at any app that registers itself for HCE and sets its category to CATEGORY_=
PAYMENT in the Manifest automatically shows up in Adroid's system setti=
ngs under "Tap & Pay" (where a user would expect payment appl=
ications).</div>
<div><br></div><div><br></div></div></div></div>
<br>-----------------------------------------------------------------------=
-------<br>
Subversion Kills Productivity. Get off Subversion & Make the Move to Pe=
rforce.<br>
With Perforce, you get hassle-free workflows. Merge that actually works.<br=
>
Faster operations. Version large binaries. =C2=A0Built-in WAN optimization =
and the<br>
freedom to use Git, Perforce or both. Make the move to Perforce.<br>
<a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D122218951&iu=
=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam=
pad/clk?id=3D122218951&iu=3D/4140/ostg.clktrk</a><br>__________________=
_____________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div>
--001a11c2e45869391d04f401525a--
|
