Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
	helo=mx.sourceforge.net)
	by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <timo.hanke@web.de>) id 1UVKmW-0005m7-En
	for bitcoin-development@lists.sourceforge.net;
	Thu, 25 Apr 2013 11:56:08 +0000
Received: from mout.web.de ([212.227.15.4])
	by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
	id 1UVKmV-0008DS-HB for bitcoin-development@lists.sourceforge.net;
	Thu, 25 Apr 2013 11:56:08 +0000
Received: from crunch ([77.180.198.197]) by smtp.web.de (mrweb101) with ESMTPA
	(Nemesis) id 0MD87M-1UH32i2TSG-00H9SP;
	Thu, 25 Apr 2013 13:56:00 +0200
Date: Thu, 25 Apr 2013 13:55:59 +0200
From: Timo Hanke <timo.hanke@web.de>
To: Mike Hearn <mike@plan99.net>
Message-ID: <20130425115559.GA32463@crunch>
References: <mailman.38128.1366844895.4905.bitcoin-development@lists.sourceforge.net>
	<20130425095855.GA30535@crunch>
	<CANEZrP3EhS3-HnPT_exc9MjZn-ywZggSzqSHPzHU5J2EZuLQtg@mail.gmail.com>
	<20130425102853.GA31573@crunch>
	<CANEZrP1343gX-utnbO16Z6axMDMmvYpiGXW8_Vc-yec03ip=1g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CANEZrP1343gX-utnbO16Z6axMDMmvYpiGXW8_Vc-yec03ip=1g@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Provags-ID: V02:K0:mqmU209axPdMbjsliNi4XrCiUlVm7Ch21ryif0mtc6V
	1vkq/JHN+1lTtHeiD3oXJydLrKqILjLFLC3YKWd7mX5gHFP9W9
	GzcVZtMQAKp6GPNFtT4yybXpR6MpCWkz/NhjI7zJa6Ab0qiYOJ
	1MzbpwRsSkkBqJEZf2nmZ84HqpTQ6InvLQ+Ch/hvuJEdga9m9N
	q/eV7yrkxLm3T+PW38PnA==
X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
	no trust [212.227.15.4 listed in list.dnswl.org]
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(timo.hanke[at]web.de)
	-0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay
	domain
X-Headers-End: 1UVKmV-0008DS-HB
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Cold Signing Payment Requests
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: timo.hanke@web.de
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 25 Apr 2013 11:56:08 -0000

On Thu, Apr 25, 2013 at 12:45:33PM +0200, Mike Hearn wrote:
>     > That's a pointless goal to try and solve right now, because the SSL
>     > PKI cannot handle compromised web servers and so neither can we (with
>     > v1 of the payments spec).
> 
>     I don't think the OP intended to solve it "right now", i.e. in v1.
> 
>     He differentiated between "most trusted" and "less trusted" keys
>     (certs). So he can clearly live with the SSL PKI being "less trusted"
>     for his purpose.
> 
> 
> Yes, but my point is if the SSL key lives on the web server, and there are CAs
> that issue you certs based on control of a web server at the given domain name
> (there are), then you can simply issue yourself a new SSL cert with whatever
> data in it you want and pose as the merchant.

True, I forgot about that, though we already had discussed this in the
past..

-- 
Timo Hanke
PGP AB967DA8, Key fingerprint = 1EFF 69BC 6FB7 8744 14DB  631D 1BB5 D6E3 AB96 7DA8