Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.216.52 as permitted sender)
	client-ip=209.85.216.52; envelope-from=jan.moller@gmail.com;
	helo=mail-qa0-f52.google.com; 
MIME-Version: 1.0
In-Reply-To: <CAJHLa0POjVLTDqPXTqgf32Oove-KeOd52mDioHf2RZ4izrByxw@mail.gmail.com>
References: <CA+WZAEp3HsW5ESGUZ7YfR1MZXGC5jd+LucUt_MUP8K94Xwhuhg@mail.gmail.com>
	<CANEZrP0KVyp2Va7Wyy=t0qYkLNK9BDUaSzBfuzQss+=weLJ1Fw@mail.gmail.com>
	<CA+WZAEqYKv8T1OMCKhOJvf5FAy=WujJ=OhtsYP9aBf=4ZPNxmw@mail.gmail.com>
	<CANEZrP0DTYqobECBbw6eZqdk+-TR_2jhBtOviN08r31EQGmZHQ@mail.gmail.com>
	<CANEZrP2Z5x0_kOQ=8-BMzbmi9=D=ou=s3dgEksMA5F84BHSt9A@mail.gmail.com>
	<CA+WZAEqREDkDvmhM7AY+Ju3fkm3uOGm39Ef9+SYoEr43ybbg2Q@mail.gmail.com>
	<CANEZrP15xWWq2jU5yKjG+9hp___OovtbH+vM5KkzFcaQ=koRow@mail.gmail.com>
	<CA+WZAEpwBqucw7kOFrRn_TsnVGaY0-hm4Xv64_i7LweEzQ=oGw@mail.gmail.com>
	<CAJHLa0Nd1hVrcB9Koyv99zN_ykJbHW21qC3KdjZHB4PmOLLgnQ@mail.gmail.com>
	<CANEZrP170RmbegDfssqZS7KFVQ0rguW3dnE4u1yj7h-Dw5rBTw@mail.gmail.com>
	<CAJHLa0POjVLTDqPXTqgf32Oove-KeOd52mDioHf2RZ4izrByxw@mail.gmail.com>
Date: Tue, 22 Apr 2014 08:34:22 +0200
Message-ID: <CABh=4qMU_FNMcEtmM_sWWFSvpscPCMpD=pc8xLUud_KbQR=bHw@mail.gmail.com>
From: =?UTF-8?Q?Jan_M=C3=B8ller?= <jan.moller@gmail.com>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Content-Type: multipart/alternative; boundary=001a11c2b99478c14604f79bceea
Subject: Re: [Bitcoin-development] Draft BIP for seamless website
 authentication using Bitcoin address
Precedence: list
Reply-To: jan.moller@gmail.com

--001a11c2b99478c14604f79bceea
Content-Type: text/plain; charset=UTF-8

The reason why client side certificates have never gained traction because
it is a pain to safely store/backup secrets.
In bitcoinland we are forced to solve the problem of safely storing
secrets, and over the years we have come up with software and hardware
solutions to make this safer and easier to manage for ordinary people.
Solving this is paramount to the success of Bitcoin, and nobody has solved
it before on a grand scale.

I see no reason for forcing end users to use two different mechanisms for
safely managing secrets.

I agree that using a bitcoin address for authentication purposes might be
confusing and potentially linking your funds with your identity. So I am
all for using something else than bitcoin addresses and bitcoin private
keys.

With bip32 we have finally agreed on a mechanism for generating a hierarchy
of bitcoin private keys from a master seed. A similar approach can be used
for generating a parallel hierarchy for authentication purposes.

- Jan

--001a11c2b99478c14604f79bceea
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div>The reason why client side certificates have never ga=
ined traction because it is a pain to safely store/backup secrets.</div><di=
v>In bitcoinland we are forced to solve the problem of safely storing secre=
ts, and over the years we have come up with software and hardware solutions=
 to make this safer and easier to manage for ordinary people. Solving this =
is paramount to the success of Bitcoin, and nobody has solved it before on =
a grand scale.=C2=A0</div>

<div><br></div><div>I see no reason for forcing end users to use two differ=
ent mechanisms for safely managing secrets.</div><div><br></div><div>I agre=
e that using a bitcoin address for authentication purposes might be confusi=
ng and potentially linking your funds with your identity. So I am all for u=
sing something else than bitcoin addresses and bitcoin private keys.<br>
</div><div><br></div><div>With bip32 we have finally agreed on a mechanism =
for generating a hierarchy of bitcoin private keys from a master seed. A si=
milar approach can be used for generating a parallel hierarchy for authenti=
cation purposes.=C2=A0<br>

</div><div><br></div><div>- Jan</div><div><br></div><div><br></div></div>

--001a11c2b99478c14604f79bceea--