Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1RbNqV-0006yp-Mo for bitcoin-development@lists.sourceforge.net; Fri, 16 Dec 2011 02:48:27 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of bluematt.me designates 173.246.101.161 as permitted sender) client-ip=173.246.101.161; envelope-from=bitcoin-list@bluematt.me; helo=mail.bluematt.me; Received: from vps.bluematt.me ([173.246.101.161] helo=mail.bluematt.me) by sog-mx-3.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1RbNqU-0007j3-Hd for bitcoin-development@lists.sourceforge.net; Fri, 16 Dec 2011 02:48:27 +0000 Received: from [152.23.99.207] (dhcp05033.highsouth-resnet.unc.edu [152.23.99.207]) by mail.bluematt.me (Postfix) with ESMTPSA id 3FD293E0 for ; Fri, 16 Dec 2011 03:42:51 +0100 (CET) From: Matt Corallo To: bitcoin-development@lists.sourceforge.net In-Reply-To: <1323979147.27319.140661012141129@webmail.messagingengine.com> References: <1323728469.78044.YahooMailNeo@web121012.mail.ne1.yahoo.com> <1323979147.27319.140661012141129@webmail.messagingengine.com> Content-Type: text/plain; charset="UTF-8" Date: Thu, 15 Dec 2011 21:48:17 -0500 Message-ID: <1324003697.3719.5.camel@BMThinkPad.lan.bluematt.me> Mime-Version: 1.0 X-Mailer: Evolution 2.32.2 Content-Transfer-Encoding: 7bit X-Spam-Score: -3.8 (---) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record -2.3 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 0.0 AWL AWL: From: address is in the auto white-list X-Headers-End: 1RbNqU-0007j3-Hd Subject: Re: [Bitcoin-development] [BIP 15] Aliases X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Dec 2011 02:48:27 -0000 On Thu, 2011-12-15 at 13:59 -0600, theymos wrote: > Bitcoin already has code and a protocol for transactions to IP > addresses. Why not reuse that for dynamic address lookup? Just a few > changes are necessary to enable complete user@server.com handling: I'm not against this, but I think its way overcomplicated when compared to the DNS or HTTPS methods. > - Extend the protocol so that "reply" messages can be signed by a fixed > public key > - Extend "checkorder" messages so they can specify an account to > send BTC to. Or standardize on how to put the account into the > message field. OK, not too debatable, but considering how terrible bitcoind's account handling is, the second might not be easy to get right... > - Enable DNS lookups for IP transactions. The DNS-only proposals could > also be used here to avoid having to use the IP transaction protocol > sometimes. The public key for signing "reply" messages can be gotten > from TXT records. This will be safe with DNSSEC and Namecoin. With > plain DNS Bitcoin could take a SSH-like approach and ask the user to > verify the public key the first time it is used, remembering it later. This is where I think this method becomes way overcomplicated. Not only do you have to update the IP-Transaction code, but now you have to implement the full DNS System that is the other option as well. Note that to make this secure, we have to have a full DNSSEC-capable resolver built-into bitcoind (there are libs, but it has to happen). Yes you can ask the user "does this fingerprint look right to you? Y/N" but that always opens you up to a ton of users getting screwed out of coins and I don't think it should be enabled, except in bitcoind, and since the main target of this whole alias system is bitcoin-qt users, well... Matt