Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
	helo=mx.sourceforge.net)
	by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <gcbd-bitcoin-development@m.gmane.org>)
	id 1WBueP-0005OF-Tx for bitcoin-development@lists.sourceforge.net;
	Fri, 07 Feb 2014 23:16:01 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of m.gmane.org
	designates 80.91.229.3 as permitted sender)
	client-ip=80.91.229.3;
	envelope-from=gcbd-bitcoin-development@m.gmane.org;
	helo=plane.gmane.org; 
Received: from plane.gmane.org ([80.91.229.3])
	by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.76) id 1WBueO-0008GJ-D1
	for bitcoin-development@lists.sourceforge.net;
	Fri, 07 Feb 2014 23:16:01 +0000
Received: from list by plane.gmane.org with local (Exim 4.69)
	(envelope-from <gcbd-bitcoin-development@m.gmane.org>)
	id 1WBueH-0004z7-O7 for bitcoin-development@lists.sourceforge.net;
	Sat, 08 Feb 2014 00:15:53 +0100
Received: from e179075056.adsl.alicedsl.de ([85.179.75.56])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00 for <bitcoin-development@lists.sourceforge.net>;
	Sat, 08 Feb 2014 00:15:53 +0100
Received: from andreas by e179075056.adsl.alicedsl.de with local (Gmexim 0.1
	(Debian)) id 1AlnuQ-0007hv-00
	for <bitcoin-development@lists.sourceforge.net>;
	Sat, 08 Feb 2014 00:15:53 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: bitcoin-development@lists.sourceforge.net
From: Andreas Schildbach <andreas@schildbach.de>
Date: Sat, 08 Feb 2014 00:15:43 +0100
Message-ID: <ld3pei$7fk$1@ger.gmane.org>
References: <lc5hmg$1jh$1@ger.gmane.org> <lcdaid$rd4$1@ger.gmane.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: e179075056.adsl.alicedsl.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:24.0) Gecko/20100101 Thunderbird/24.2.0
In-Reply-To: <lcdaid$rd4$1@ger.gmane.org>
X-Spam-Score: -1.0 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
	no trust [80.91.229.3 listed in list.dnswl.org]
	-0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
	1.1 DKIM_ADSP_ALL          No valid author signature,
	domain signs all mail
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.6 RP_MATCHES_RCVD Envelope sender domain matches handover relay
	domain
X-Headers-End: 1WBueO-0008GJ-D1
Subject: Re: [Bitcoin-development] Payment Protocol for Face-to-face Payments
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 07 Feb 2014 23:16:02 -0000

I have refreshed the Bitcoin Wallet preview version with beta version
3.32. It now implements BIP72 aka "URI extension for payment protocol".

There is one important deviation from the standard though: Bitcoin URI
address and amount fields need to correspond to the data from the
payment request. The makes sure the signature really signs the URI
(which you've gotten directly from the payee) and not a malicious
payment request introduced by a MITM. Note the memo isn't protected like
that, so it can still be MITM'ed.

I know this means that for the time being Bitcoin URIs must be
"backwards compatible". That should not be an issue since we will be in
transition phase for many months anyway. Until then, I hope we will have
agreed on a more sophisticated approach, e.g. a separate hash in the URI.

Source:
https://github.com/schildbach/bitcoin-wallet/commits/v3.32

Binaries:
https://github.com/schildbach/bitcoin-wallet/releases/tag/v3.32
(also published to the corresponding channels on Google Play)


On 01/30/2014 11:46 AM, Andreas Schildbach wrote:
> Just a small update. I merged the code to my bitcoinj-0.11 branch and
> put up binary .apk files for experimentation. Just make sure to tick
> "BIP70 for tap-to-pay/scan-to-pay" in the labs settings.
> 
> Source:
> https://github.com/schildbach/bitcoin-wallet/commits/bitcoinj-0.11
> 
> Binaries:
> https://github.com/schildbach/bitcoin-wallet/releases/tag/v3.30-bitcoinj0.11
> 
> 
> On 01/27/2014 12:59 PM, Andreas Schildbach wrote:
>> As promised I'd like to present my work done on leveraging the payment
>> protocol for face-to-face payments. The general assumption is that
>> individuals don't own X.509 certificates. Their devices may be only
>> badly connected to the internet or in some cases not at all. I've
>> implemented a prototype on a branch of Bitcoin Wallet. It is using
>> bitcoinj 0.11 (not released).
>>
>> https://github.com/schildbach/bitcoin-wallet/commits/payment-protocol
> 
> 
> 
> ------------------------------------------------------------------------------
> WatchGuard Dimension instantly turns raw network data into actionable 
> security intelligence. It gives you real-time visual feedback on key
> security issues and trends.  Skip the complicated setup - simply import
> a virtual appliance and go from zero to informed in seconds.
> http://pubads.g.doubleclick.net/gampad/clk?id=123612991&iu=/4140/ostg.clktrk
>