MIME-Version: 1.0
In-Reply-To: <CANEZrP3+AowZZS1=hAkx0KODiT-vbcRKyZaHOE2CWaJk3y5-Dw@mail.gmail.com>
References: <52A3C8A5.7010606@gmail.com>
	<1795f3067ba3fcdd0caf978cc59ff024.squirrel@fruiteater.riseup.net>
	<52A435EA.7090405@gmail.com> <201312081237.24473.luke@dashjr.org>
	<CANAnSg2OrmQAcZ+cZdtQeADicH3U29QOgYPfP1AQhOMP6+P1wg@mail.gmail.com>
	<CAAS2fgR0khyJxmz9c2Oc87hOFgiNuiPJuaeugGajdo_EcKEW9w@mail.gmail.com>
	<CANEZrP3+AowZZS1=hAkx0KODiT-vbcRKyZaHOE2CWaJk3y5-Dw@mail.gmail.com>
Date: Sun, 8 Dec 2013 13:46:18 -0800
Message-ID: <CACh7GpEGyPsOtgNpkVqizuugygpeXAn6829CF-7eDZ1yuCKvDg@mail.gmail.com>
From: Mark Friedenbach <mark@monetize.io>
To: Mike Hearn <mike@plan99.net>
Content-Type: multipart/alternative; boundary=001a11c3473a3cbe6d04ed0ccf8a
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Dedicated server for bitcoin.org,
	your thoughts?
Precedence: list

--001a11c3473a3cbe6d04ed0ccf8a
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

I too would be against the foundation taking control of hosting or the
domain. I have no reason at this time not to trust them, by checks and
balances are a good thing.
On Dec 8, 2013 12:29 PM, "Mike Hearn" <mike@plan99.net> wrote:

> Issues that would need to be resolved:
>
> 1) Who pays for it? Most obvious answer: Foundation. However there's
> currently a fairly clear line between the foundation website and the
> bitcoin.org website. I personally am fine with the bitcoin foundation
> funding the website, it's a lot closer to the bitcoin community than
> github. But some people might care. So next step would be to contact the
> Foundation board and see if they're willing to fund it.
>
> 2) Anti-DoS? I assume github handles this at the moment, though I doubt
> there's anything to be gained from DoSing the informational website
>
> 3) Where does the server go? Ideally, a hosting provider that accepts
> Bitcoin of course!
>
> 4) Who admins it?
>
> 5) Who controls DNS for it?
>
> Right now I think Sirius still owns DNS for bitcoin.org which is
> nonsense. He needs to pass it on to someone who is actually still involve=
d
> with the project. Again, the most obvious neutral candidate would be the
> Foundation.
>
> So I think it's a good idea but there's a fair amount of work here. The
> primary upside I see is that it opens the potential for adding
> interactive/server-side code in future if we decide that would be useful.
>
>
>
> On Sun, Dec 8, 2013 at 8:25 PM, Gregory Maxwell <gmaxwell@gmail.com>wrote=
:
>
>> On Sun, Dec 8, 2013 at 11:16 AM, Drak <drak@zikula.org> wrote:
>> > BGP redirection is a reality and can be exploited without much
>>
>> You're managing to argue against SSL. Because it actually provides
>> basically protection against an attacker who can actively intercept
>> traffic to the server. Against that threat model SSL is clearly=E2=80=94=
 based
>> on your comments=E2=80=94 providing a false sense of security.
>>
>> We _do_ have protection that protect against that=E2=80=94 the pgp signa=
ture,
>> but they are far from a solution since people do not check that.
>>
>> (I'm not suggesting we shouldn't have it, I'm suggesting you stop
>> arguing SSL provides protection it doesn't before you manage to change
>> my mind!)
>>
>>
>> ------------------------------------------------------------------------=
------
>> Sponsored by Intel(R) XDK
>> Develop, test and display web and hybrid apps with a single code base.
>> Download it for free now!
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=3D111408631&iu=3D/4140/ost=
g.clktrk
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>
>
>
> -------------------------------------------------------------------------=
-----
> Sponsored by Intel(R) XDK
> Develop, test and display web and hybrid apps with a single code base.
> Download it for free now!
>
> http://pubads.g.doubleclick.net/gampad/clk?id=3D111408631&iu=3D/4140/ostg=
.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>

--001a11c3473a3cbe6d04ed0ccf8a
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<p dir=3D"ltr">I too would be against the foundation taking control of host=
ing or the domain. I have no reason at this time not to trust them, by chec=
ks and balances are a good thing.</p>
<div class=3D"gmail_quote">On Dec 8, 2013 12:29 PM, &quot;Mike Hearn&quot; =
&lt;<a href=3D"mailto:mike@plan99.net">mike@plan99.net</a>&gt; wrote:<br ty=
pe=3D"attribution"><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 =
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir=3D"ltr">Issues that would need to be resolved:<div><br></div><div>=
1) Who pays for it? Most obvious answer: Foundation. However there&#39;s cu=
rrently a fairly clear line between the foundation website and the <a href=
=3D"http://bitcoin.org" target=3D"_blank">bitcoin.org</a> website. I person=
ally am fine with the bitcoin foundation funding the website, it&#39;s a lo=
t closer to the bitcoin community than github. But some people might care. =
So next step would be to contact the Foundation board and see if they&#39;r=
e willing to fund it.</div>

<div><br></div><div>2) Anti-DoS? I assume github handles this at the moment=
, though I doubt there&#39;s anything to be gained from DoSing the informat=
ional website</div><div><br></div><div>3) Where does the server go? Ideally=
, a hosting provider that accepts Bitcoin of course!</div>

<div><br></div><div>4) Who admins it?</div><div><br></div><div>5) Who contr=
ols DNS for it?</div><div><br></div><div>Right now I think Sirius still own=
s DNS for <a href=3D"http://bitcoin.org" target=3D"_blank">bitcoin.org</a> =
which is nonsense. He needs to pass it on to someone who is actually still =
involved with the project. Again, the most obvious neutral candidate would =
be the Foundation.</div>

<div><br></div><div>So I think it&#39;s a good idea but there&#39;s a fair =
amount of work here. The primary upside I see is that it opens the potentia=
l for adding interactive/server-side code in future if we decide that would=
 be useful.</div>

<div><br></div></div><div class=3D"gmail_extra"><br><br><div class=3D"gmail=
_quote">On Sun, Dec 8, 2013 at 8:25 PM, Gregory Maxwell <span dir=3D"ltr">&=
lt;<a href=3D"mailto:gmaxwell@gmail.com" target=3D"_blank">gmaxwell@gmail.c=
om</a>&gt;</span> wrote:<br>

<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div>On Sun, Dec 8, 2013 at 11:16 AM, Drak &=
lt;<a href=3D"mailto:drak@zikula.org" target=3D"_blank">drak@zikula.org</a>=
&gt; wrote:<br>


&gt; BGP redirection is a reality and can be exploited without much<br>
<br>
</div>You&#39;re managing to argue against SSL. Because it actually provide=
s<br>
basically protection against an attacker who can actively intercept<br>
traffic to the server. Against that threat model SSL is clearly=E2=80=94 ba=
sed<br>
on your comments=E2=80=94 providing a false sense of security.<br>
<br>
We _do_ have protection that protect against that=E2=80=94 the pgp signatur=
e,<br>
but they are far from a solution since people do not check that.<br>
<br>
(I&#39;m not suggesting we shouldn&#39;t have it, I&#39;m suggesting you st=
op<br>
arguing SSL provides protection it doesn&#39;t before you manage to change<=
br>
my mind!)<br>
<div><div><br>
---------------------------------------------------------------------------=
---<br>
Sponsored by Intel(R) XDK<br>
Develop, test and display web and hybrid apps with a single code base.<br>
Download it for free now!<br>
<a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D111408631&amp;iu=
=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam=
pad/clk?id=3D111408631&amp;iu=3D/4140/ostg.clktrk</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net" target=3D"_bla=
nk">Bitcoin-development@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</div></div></blockquote></div><br></div>
<br>-----------------------------------------------------------------------=
-------<br>
Sponsored by Intel(R) XDK<br>
Develop, test and display web and hybrid apps with a single code base.<br>
Download it for free now!<br>
<a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D111408631&amp;iu=
=3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam=
pad/clk?id=3D111408631&amp;iu=3D/4140/ostg.clktrk</a><br>__________________=
_____________________________<br>

Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div>

--001a11c3473a3cbe6d04ed0ccf8a--