Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1SFDjH-0000g9-VU for bitcoin-development@lists.sourceforge.net; Wed, 04 Apr 2012 00:05:39 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of coinlab.com designates 209.85.216.54 as permitted sender) client-ip=209.85.216.54; envelope-from=mike@coinlab.com; helo=mail-qa0-f54.google.com; Received: from mail-qa0-f54.google.com ([209.85.216.54]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1SFDjF-0002Si-DU for bitcoin-development@lists.sourceforge.net; Wed, 04 Apr 2012 00:05:39 +0000 Received: by qao25 with SMTP id 25so17206qao.13 for ; Tue, 03 Apr 2012 17:05:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=TllvO10eGngqQBx9BEJAKy4pq+AP+xVr6aPCMaTtDi0=; b=k6Q3D2OukmUSqVQgZf96LkNJTmlItkXiNdoDP45P4jfBcHM6l+WDw/a+sRbiQkssyn dFz8gdJES5Jav+JkjAK38BdQiSS2N3XTfVPh2BsD6g5chGTzuHK5Ef8XDutpYBpn5AqH UDinBrQU2OLRtAJrEt/rj+PYX6it9b7Zk/GDoX8C9R3J0qUvnsrHmClQ/m4tQlG+qAkd I1K1MgsZAK6njiF/UcaQj+CEGoDPjnURJBoAh2to+HtgtPWQdpOv3PGzggeh8CsMtuiN gX5JJ6/Vq4QbnFjlkcapuvf1hK4yIjLl7hkifDJVH44V6mNyhchg90AVUoJrx8L7wGP2 12uA== MIME-Version: 1.0 Received: by 10.229.137.135 with SMTP id w7mr5901576qct.62.1333496221684; Tue, 03 Apr 2012 16:37:01 -0700 (PDT) Received: by 10.229.78.134 with HTTP; Tue, 3 Apr 2012 16:37:01 -0700 (PDT) In-Reply-To: <4F7B67D6.7090101@gmail.com> References: <4F7A1227.7070306@gmail.com> <201204031455.42265.luke@dashjr.org> <4F7B67D6.7090101@gmail.com> Date: Tue, 3 Apr 2012 16:37:01 -0700 Message-ID: From: Mike Koss To: Alan Reiner Content-Type: multipart/alternative; boundary=00235452feac9a556404bccec836 X-Gm-Message-State: ALoCoQltYZ0vbAP89jZ5r990l9g6r8976U/HWb6f4Zz+i3uu6gRuU0kxJYtNbuRTYhTCVqgGG0Dx X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message X-Headers-End: 1SFDjF-0002Si-DU Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Signature Blocks and URI Sign Requests X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2012 00:05:40 -0000 --00235452feac9a556404bccec836 Content-Type: text/plain; charset=ISO-8859-1 Alan, I'm coming in late to the conversation - do I understand that BIP 010 does not propose any changes to the protocol - but just an intermediate data format that other clients might use to collect the need key material to sign a multi-signature block? If so - one might ask what the role of BIP's are if they actually do not impact the protocol? If there is any encapsulated data format that is expected to be interpreted by clients - I'd call that a "protocol change"; but I take it in this instance that you will transmit these signature block out of band from the client ... yet they would have to be parsed and converted into a Transaction Script once collected by SOME client? Would we expect the standard client do so? Sorry if this has been discussed before - I'm trying to understand the proposal. On Tue, Apr 3, 2012 at 2:12 PM, Alan Reiner wrote: > ** > Just to clarify, I'm not proposing anything to the protocol itself. > Simply that some applications might benefit from users being to sign > messages with existing Bitcoin identities, and what can we do to > accommodate that (out of band)? It's not a high priority, but I think it's > potentially useful, and most codebases already have everything they need in > place to implement it. > > > > On 04/03/2012 04:04 PM, Peter Vessenes wrote: > > I don't think it's minimally invasive to layer PGP's web of trust on top > of Bitcoin, in fact, the opposite. > > From a certain angle, bitcoin exists as a sort of answer / alternate > solution to the web of trust. Digital cash with an existing web of trust in > place was a working concept in the mid-1990s, courtesy of David Chaum, I > believe. > > I totally agree on the kitchen sink concern; I would personally like to > see something like a one-year required discussion period on all > non-security changes proposed to the blockchain protocol. We know almost > nothing about how bitcoin will be used over the next 20 years; I believe > it's a mistake to bulk up the protocol too rapidly right now. > > There's a famous phrase from the founder of Lotus about Lotus' > engineering process: "add lightness." The equivalent for protocol design > might be "add simplicity." I'd like to see us adding simplicity for now, > getting a core set of tests together for alternate implementations like > libbitcoin, and thinking hard about the dangers of cruft over a 10+ year > period when it comes to a technology which will necessarily include a > complete history of every crufty decision embodied in transaction histories. > > Peter > > > On Tue, Apr 3, 2012 at 1:42 PM, Wladimir wrote: > >> >> On Tue, Apr 3, 2012 at 8:55 PM, Luke-Jr wrote: >> >>> On Tuesday, April 03, 2012 2:46:17 PM Gavin Andresen wrote: >>> > We should avoid reinventing the wheel, if we can. I think we should >>> > extend existing standards whenever possible. >>> >>> I wonder if it's possible to make sigs compatible with PGP/EC ? >>> >> >> Or we could take a step back, further into "don't reinvent the wheel" >> territory. Why not simply make use of PGP(/EC) to sign and verify messages? >> It has many advantages, like an already existing web-of-trust and keyserver >> infrastructure. >> >> I still feel like this is sign message stuff is dragging the kitchen sink >> into Bitcoin. It's fine for logging into a website, what you use it for, >> but anything that approaches signing email (such as S/MIME implementations >> and handling different character encodings) is going too far IMO. >> >> Wladimir >> >> >> >> ------------------------------------------------------------------------------ >> Better than sec? Nothing is better than sec when it comes to >> monitoring Big Data applications. Try Boundary one-second >> resolution app monitoring today. Free. >> http://p.sf.net/sfu/Boundary-dev2dev >> _______________________________________________ >> Bitcoin-development mailing list >> Bitcoin-development@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> >> > > > -- > > Peter J. Vessenes > CEO, CoinLab > M: 206.595.9839 > > > ------------------------------------------------------------------------------ > Better than sec? Nothing is better than sec when it comes to > monitoring Big Data applications. Try Boundary one-second > resolution app monitoring today. Free.http://p.sf.net/sfu/Boundary-dev2dev > > > _______________________________________________ > Bitcoin-development mailing listBitcoin-development@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/bitcoin-development > > > > > ------------------------------------------------------------------------------ > Better than sec? Nothing is better than sec when it comes to > monitoring Big Data applications. Try Boundary one-second > resolution app monitoring today. Free. > http://p.sf.net/sfu/Boundary-dev2dev > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > -- Mike Koss CTO, CoinLab (425) 246-7701 (m) A Bitcoin Primer - What you need to know about Bitcoins. --00235452feac9a556404bccec836 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Alan, I'm coming in late to the conversation -=A0do I understand that B= IP 010 does not propose any changes to the protocol - but just an intermedi= ate data format that other clients might use to collect the need key materi= al to sign a multi-signature block?

If so - one might ask what the role of BIP's are if= they actually do not impact the protocol?

If ther= e is any encapsulated data format that is expected to be interpreted by cli= ents - I'd call that a "protocol change"; but I take it in th= is instance that you will transmit these signature block out of band from t= he client ... yet they would have to be parsed and converted into a Transac= tion Script once collected by SOME client? =A0Would we expect the standard = client do so?

Sorry if this has been discussed before - I'm tryin= g to understand the proposal.


On Tue, Apr 3, 2012 at 2:12 PM, Alan Reiner &l= t;etotheipi@gmail.com>= wrote:
=20 =20 =20
Just to clarify, I'm not proposing anything to the protocol itself.= =A0 Simply that some applications might benefit from users being to sign messages with existing Bitcoin identities, and what can we do to accommodate that (out of band)?=A0 It's not a high priority, but I think it's potentially useful, and most codebases already have everything they need in place to implement it.


On 04/03/2012 04:04 PM, Peter Vessenes wrote:
I don't think it's minimally invasive= to layer PGP's web of trust on top of Bitcoin, in fact, the opposite.=A0

From a certain angle, bitcoin exists as a sort of answer / alternate solution to the web of trust. Digital cash with an existing web of trust in place was a working concept in the mid-1990s, courtesy of David Chaum, I believe.

I totally agree on the kitchen sink concern; I would personally like to see something like a one-year required discussion period on all non-security changes proposed to the blockchain protocol. We know almost nothing about how bitcoin will be used over the next 20 years; I believe it's a mistake t= o bulk up the protocol too rapidly right now.

There's a famous phrase from the founder of Lotus about Lotus' engineering process: "add lightness." The equi= valent for protocol design might be "add simplicity." I'd like t= o see us adding simplicity for now, getting a core set of tests together for alternate implementations like libbitcoin, and thinking hard about the dangers of cruft over a 10+ year period when it comes to a technology which will necessarily include a complete history of every crufty decision embodied in transaction histories.

Peter


On Tue, Apr 3, 2012 at 1:42 PM, Wladimir <laanwj@gmail.com> wrote:


Or we could take a step back, further into "don't reinvent the wheel" territory. Why not simply make use of PGP(/EC) to sign and verify messages? It has many advantages, like an already existing web-of-trust and keyserver infrastructure.

I still feel like this is sign message stuff is dragging the kitchen sink into Bitcoin. It's fine for logging into a website, what you use it for, but anything that approaches signing email (such as S/MIME implementations and handling different character encodings) is going too far IMO.

Wladimir


---------------------------------------------------------------------------= ---
Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p.sf.net/sfu/Boundary-dev2dev
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinf= o/bitcoin-development




--

Peter J. Vessenes
CEO, CoinLab


---------------------------------------------------------------------------=
---
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second=20
resolution app monitoring today. Free.
http://p=
.sf.net/sfu/Boundary-dev2dev

_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment


-----------------------------------------------------------------------= -------
Better than sec? Nothing is better than sec when it comes to
monitoring Big Data applications. Try Boundary one-second
resolution app monitoring today. Free.
http://p= .sf.net/sfu/Boundary-dev2dev
_______________________________________= ________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment




--
Mike Kos= s
CTO, CoinLab
(425) 246-7701 (m)

A Bitco= in Primer=A0- What you need to know about Bitcoins.

--00235452feac9a556404bccec836--