Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YJUYW-0001cq-Dj for bitcoin-development@lists.sourceforge.net; Thu, 05 Feb 2015 22:05:48 +0000 X-ACL-Warn: Received: from mail-pd0-f180.google.com ([209.85.192.180]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YJUYV-0006Oc-E2 for bitcoin-development@lists.sourceforge.net; Thu, 05 Feb 2015 22:05:48 +0000 Received: by pdbfp1 with SMTP id fp1so10320617pdb.4 for ; Thu, 05 Feb 2015 14:05:41 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:references:mime-version:in-reply-to:content-type :content-transfer-encoding:message-id:cc:from:subject:date:to; bh=a51MKyv0jsYKc2VO9Rt9i1WLu5UJJBDujb+nZeRg1xo=; b=REIPlJwyYiBAVIg4qUMKPhXQOUegTZfkN0+nhQzxWSoqNXUEd9EW/+eQ2H18COZNVN M7Ptx6Q2MABFaHwW81DP7vRgpYIRij8c6WNlhUuxJ8xG5oADYYohMsUQUzOVIG/JKd9X lHzFMQQSHOvTfeXIbJzxRHT2m/y2m3Xla7mKgifjYnVn2VtEGPSMdTndBYBfJjY5RqeS iRKQD23rtbWsrE8ROrRiTyZ5tVcVgV+AXGtsDNNPJ9R6xIyE+BEiBVkeaBMwGpxADe6v HZIQTi/FjyOX9OyluIWZA1W0q2xhtfnvZ7fSigI68ECEoREfDkZEuRJ1VDR3m1GABcdZ nORg== X-Gm-Message-State: ALoCoQkvMvoAogp++UsaaWMVBJveuINrFfUh/lCu1L+PnwVp04Lf3fsX4XHE3haur5hk7Ah+/g46 X-Received: by 10.66.186.110 with SMTP id fj14mr511903pac.98.1423173941710; Thu, 05 Feb 2015 14:05:41 -0800 (PST) Received: from [10.195.38.15] ([166.170.37.215]) by mx.google.com with ESMTPSA id go1sm5303433pbd.75.2015.02.05.14.05.40 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 05 Feb 2015 14:05:41 -0800 (PST) References: <54D3D636.1030308@voskuil.org> Mime-Version: 1.0 (1.0) In-Reply-To: Content-Type: multipart/alternative; boundary=Apple-Mail-471BA261-CD5F-480F-89A2-32F8B652507C Content-Transfer-Encoding: 7bit Message-Id: <87E6D928-B615-4A8D-8BBB-3610DB1C08A2@voskuil.org> X-Mailer: iPhone Mail (12B440) From: Eric Voskuil Date: Thu, 5 Feb 2015 14:05:39 -0800 To: Paul Puey X-Spam-Score: 1.0 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.0 HTML_MESSAGE BODY: HTML included in message 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1YJUYV-0006Oc-E2 Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Proposal for P2P Wireless (Bluetooth LE) transfer of Payment URI X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2015 22:05:48 -0000 --Apple-Mail-471BA261-CD5F-480F-89A2-32F8B652507C Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Hi Paul, The issue is in the establishment of trust. Anyone can broadcast the initial= information. e > On Feb 5, 2015, at 2:01 PM, Paul Puey wrote: >=20 > The broadcast is ONLY done when the wallet is in Receive mode. Same as whe= n the QR code is visible. The use of the *Name* section is specifically so t= hat a recipient can broadcast their name/handle. Not so the recipient would b= roadcast the name of the Sender. >=20 > On Thu, Feb 5, 2015 at 12:50 PM, Mike Hearn wrote: >>> I'm imagining myself walking around broadcasting my photo and MAC >>> address while hucksters push payment requests to me for approval >>=20 >> I hate to break it to you, but you broadcast a photo of your face every t= ime you walk outside ;) >>=20 >> Bluetooth MAC addresses are random, they aren't useful identifiers. If so= meone can see you, a face is a far more uniquely identifying thing than a MA= C. >>=20 >> "Payment spam" might be a problem. I can imagine a wallet requiring that s= uch requests are signed and then spammers can be blacklisted in the usual fa= shion so they can't push things to your phone anymore. Anyway, a hurdle that= can be jumped if/when it becomes an issue. >=20 --Apple-Mail-471BA261-CD5F-480F-89A2-32F8B652507C Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 7bit
Hi Paul,

The issue is in the establishment of trust. Anyone can broadcast the initial information.

e

On Feb 5, 2015, at 2:01 PM, Paul Puey <paul@airbitz.co> wrote:

The broadcast is ONLY done when the wallet is in Receive mode. Same as when the QR code is visible. The use of the *Name* section is specifically so that a recipient can broadcast their name/handle. Not so the recipient would broadcast the name of the Sender.

On Thu, Feb 5, 2015 at 12:50 PM, Mike Hearn <mike@plan99.net> wrote:
I'm imagining myself walking around broadcasting my photo and MAC
address while hucksters push payment requests to me for approval

I hate to break it to you, but you broadcast a photo of your face every time you walk outside ;)

Bluetooth MAC addresses are random, they aren't useful identifiers. If someone can see you, a face is a far more uniquely identifying thing than a MAC.

"Payment spam" might be a problem. I can imagine a wallet requiring that such requests are signed and then spammers can be blacklisted in the usual fashion so they can't push things to your phone anymore. Anyway, a hurdle that can be jumped if/when it becomes an issue.

--Apple-Mail-471BA261-CD5F-480F-89A2-32F8B652507C--