Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <davec@conformal.com>) id 1YE4W8-0002oa-Hl
	for bitcoin-development@lists.sourceforge.net;
	Wed, 21 Jan 2015 23:16:56 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of conformal.com
	designates 204.124.83.141 as permitted sender)
	client-ip=204.124.83.141; envelope-from=davec@conformal.com;
	helo=comm0.conformal.com; 
Received: from comm0.conformal.com ([204.124.83.141])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256)
	(Exim 4.76) id 1YE4W6-0000Ga-Id
	for bitcoin-development@lists.sourceforge.net;
	Wed, 21 Jan 2015 23:16:56 +0000
Received: from [192.168.32.100] (cpe-24-243-251-52.hot.res.rr.com
	[24.243.251.52])
	(using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
	(No client certificate requested)
	by comm0.conformal.com (Postfix) with ESMTPSA id 46788B6CACE;
	Wed, 21 Jan 2015 16:57:22 -0600 (CST)
Message-ID: <54C02ED2.6040806@conformal.com>
Date: Wed, 21 Jan 2015 16:57:22 -0600
From: Dave Collins <davec@conformal.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
	rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: Pieter Wuille <pieter.wuille@gmail.com>, 
	Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
References: <CAPg+sBhk7F2OHT64i2LNSjv8DR5tD3RJkLJGzPGZW8OPQTCjQw@mail.gmail.com>
In-Reply-To: <CAPg+sBhk7F2OHT64i2LNSjv8DR5tD3RJkLJGzPGZW8OPQTCjQw@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
	boundary="QAjD2bFmwVCLQ1lNILFVESfhmiNNeRqF7"
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay
	domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
X-Headers-End: 1YE4W6-0000Ga-Id
Subject: Re: [Bitcoin-development] [softfork proposal] Strict DER signatures
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 21 Jan 2015 23:16:56 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--QAjD2bFmwVCLQ1lNILFVESfhmiNNeRqF7
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

I'm really glad to see this proposal.  We already treat non-DER
signatures as non-standard in btcd and agree that extending them be
illegal as a part of a soft fork is a smart and sane thing to do.

It's also good to see the explicit use of signature parsing since it
matches what we already do as well because we noticed noticed OpenSSL's
notion of big numbers (unsigned) didn't agree with Go's (signed).  By
having the explicit signature scheme and checking clearly called out in
a BIP, it greatly lowers the chances of there being any disagreement
about what is valid or invalid due to an underlying dependency.

+1

On 1/20/2015 6:35 PM, Pieter Wuille wrote:
> Hello everyone,
>=20
> We've been aware of the risk of depending on OpenSSL for consensus
> rules for a while, and were trying to get rid of this as part of BIP
> 62 (malleability protection), which was however postponed due to
> unforeseen complexities. The recent evens (see the thread titled
> "OpenSSL 1.0.0p / 1.0.1k incompatible, causes blockchain rejection."
> on this mailing list) have made it clear that the problem is very
> real, however, and I would prefer to have a fundamental solution for
> it sooner rather than later.
>=20
> I therefore propose a softfork to make non-DER signatures illegal
> (they've been non-standard since v0.8.0). A draft BIP text can be
> found on:
>=20
>     https://gist.github.com/sipa/5d12c343746dad376c80
>=20
> The document includes motivation and specification. In addition, an
> implementation (including unit tests derived from the BIP text) can be
> found on:
>=20
>     https://github.com/sipa/bitcoin/commit/bipstrictder
>=20
> Comments/criticisms are very welcome, but I'd prefer keeping the
> discussion here on the mailinglist (which is more accessible than on
> the gist).
>=20


--QAjD2bFmwVCLQ1lNILFVESfhmiNNeRqF7
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQIcBAEBAgAGBQJUwC7WAAoJELiQTZ2ck9HyK3gQAJwSLYqdu30x0ruNbs87trZV
FslEZG6NbnwT4/MpR4IQQeLKTGIEh1R/IS/LxF6J/o3y3PYS2gYj6T5PXxwAG4Y4
eJGOV8j5XbMajWM7n5Jay3GqoDpVLGISyOaozMos3OoqE72bR3I9cY3A1VTLlJsu
nEuQzWADJ0AHktIC3NOZOC5R3SnI0/Jpeyj2tor5iSCfuoV27JxGxP6vwZ11nI1q
lqkfkjklTYMdqm3J11Sp/KuNJnJir2CmoBXHU59V0zHkwGrPxjTwmpNFa4W9qVag
J3gh6Fn5Yk+VnPUPgC0GyVE6MYqvO24nDKc0OEyusr/F971CHTFhm+Mb+D5xZrG9
Ax/FlybXgbBt+DbDoDFX1NTSUMLfpTIJTW8Djt7n3v5kZ7QUKk3SPPUJtJuTShpj
4bgwQJZ2F0QjcKb+BgvZKKpYy1UryagH+QsNvsUiyXwL8tfwlIhb+1g/5bF5QFpN
a+aozdhSnHMF5LzqaPhGnYDf3u/tyPk1NoKk9ACW1yYeEtE/KOpPlJTFLuDny/BY
vZB5Ni3rwcITPvlfp7W/3ffG8V5Lm/ep/6MDkg1QDJccjskO7JYGbUJKp765THZ9
Win4jfTcGERyT/RSdcCuXCVqqcHI9IRX83vNPM3PTq7XmOt9Cak5X0i3SNNRJOs6
jzh3SdkMh/ftDJTKP5YP
=r1bY
-----END PGP SIGNATURE-----

--QAjD2bFmwVCLQ1lNILFVESfhmiNNeRqF7--