Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WQxAZ-0002ao-KH for bitcoin-development@lists.sourceforge.net; Fri, 21 Mar 2014 10:59:23 +0000 X-ACL-Warn: Received: from mout.perfora.net ([74.208.4.194]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WQxAY-0000FK-Bh for bitcoin-development@lists.sourceforge.net; Fri, 21 Mar 2014 10:59:23 +0000 Received: from netbook (c107-70.i07-27.onvol.net [92.251.107.70]) by mrelay.perfora.net (node=mrus3) with ESMTP (Nemesis) id 0Ljr9d-1WyM2W1jSL-00bg0I; Fri, 21 Mar 2014 06:59:13 -0400 Received: by netbook (Postfix, from userid 1000) id B555B2E018E; Fri, 21 Mar 2014 11:59:07 +0100 (CET) Received: by flare (hashcash-sendmail, from uid 1000); Fri, 21 Mar 2014 11:59:06 +0100 Date: Fri, 21 Mar 2014 11:59:06 +0100 From: Adam Back To: Andreas Schildbach Message-ID: <20140321105906.GA1725@netbook.cypherspace.org> References: <20140320121221.GA25052@netbook.cypherspace.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Hashcash: 1:20:140321:andreas@schildbach.de::KhMjWzwbG5W5jKmI:0000000000000000 0000000000000000000000000z6+ X-Hashcash: 1:20:140321:bitcoin-development@lists.sourceforge.net::NkKZMYmO0c+Hr rxl:000000000000000000002HSn X-Hashcash: 1:20:140321:adam@cypherspace.org::yfa4X60t2WK9wVuv:00000000000000000 0000000000000000000000003hIP X-Provags-ID: V02:K0:f8sHCYbLGU+Rf6aPizRC8tb6O9DO3YvFTCN9cijdAVg tvVGvwKGzsmGTCb90qjkUywRyan5WXnwpTNccQLBckX0Qb8/PM luRee6xZG7cfxQDE0Y+gxM1Gktp5EgrSDyb4WA7tyf2v+3y/4r NkKN5KXegUlqOI88hMh8qbL9eci/Z7b0TXCqo5ZqPCoSRGbFIe Mss6c1dRnxcl4dIcj/OvjevItIrlfBuOgtpSPBbEJhz27/miGn ZHKb+UlsF59gX54m80ab8qXkCo4TpjTJq57TSAfxl4nbM5MW2H jupV5yUmRs2CkH3xZkU+O+p6jDmd2lPxAt8+9LiGn74apldLBD aTyrtdddCjCJAY6TGhQt0a4QjEl5Hjgnx4Pkyixt0 X-Spam-Score: -0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [74.208.4.194 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record X-Headers-End: 1WQxAY-0000FK-Bh Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Payment Protocol for Face-to-face Payments X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Mar 2014 10:59:23 -0000 Maybe its time to explore raw ECDSA signed message based certs. btw I dont think its quite 4kB. eg bitpay's looks to be about 1.5kB in der format. And they contain a 2048-bit RSA server key, and 2048-bit RSA signatures (256byte each right there = 512bytes). And even 2048 is weaker than 256-bit ECDSA. Adam On Fri, Mar 21, 2014 at 11:25:59AM +0100, Andreas Schildbach wrote: >On 03/20/2014 01:12 PM, Adam Back wrote: > >> Whats a sensible limit on practical/convenient QR code size? > >Technically 3 KB. In my experience codes above 1.5 KB become impossible >to scan (ZXing scanner, 3 years ago). You will want to stay below 500 >bytes for convenient scanning. That said, I'm convinced there is a lot >of room for scanning improvements. > >> How much of the payment protocol message size comes from use of x509? > >As said in the OP, a minimal PR uses 50 bytes. X.509 seems to put about >4000 bytes on top of that. > >As you can see, we have quite some room for improvements to PR payload >(PaymentDetails). X.509 certification will probably not be possible via >QR, at least not until specialized CA's will issue space-efficient certs >(using ECDSA?).