Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1TdJt7-0008Q0-MS for bitcoin-development@lists.sourceforge.net; Tue, 27 Nov 2012 12:03:41 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.219.47 as permitted sender) client-ip=209.85.219.47; envelope-from=mh.in.england@gmail.com; helo=mail-oa0-f47.google.com; Received: from mail-oa0-f47.google.com ([209.85.219.47]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1TdJt7-0008DI-0L for bitcoin-development@lists.sourceforge.net; Tue, 27 Nov 2012 12:03:41 +0000 Received: by mail-oa0-f47.google.com with SMTP id h1so13084106oag.34 for ; Tue, 27 Nov 2012 04:03:35 -0800 (PST) MIME-Version: 1.0 Received: by 10.60.20.230 with SMTP id q6mr12675426oee.134.1354017815654; Tue, 27 Nov 2012 04:03:35 -0800 (PST) Sender: mh.in.england@gmail.com Received: by 10.76.128.139 with HTTP; Tue, 27 Nov 2012 04:03:35 -0800 (PST) In-Reply-To: <626D0E73-1111-4380-AABE-6C8C65F2FFCC@ceptacle.com> References: <895A1D97-68B4-4A2F-B4A1-34814B9BA8AC@ceptacle.com> <626D0E73-1111-4380-AABE-6C8C65F2FFCC@ceptacle.com> Date: Tue, 27 Nov 2012 13:03:35 +0100 X-Google-Sender-Auth: BcfEi2OTnRKMetlogfcILsDbK3I Message-ID: From: Mike Hearn To: Michael Gronager Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.3 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.2 AWL AWL: From: address is in the auto white-list X-Headers-End: 1TdJt7-0008DI-0L Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Payment Protocol Proposal: Invoices/Payments/Receipts X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Nov 2012 12:03:41 -0000 > Further, the inclusion of x509 is not really needed in the spec - you don't need to sign the invoice with an x509, you can use the payment key. No, the point of using X509 certs is to get a verified identity (a domain name) on the receipt, this is needed for multi-factor authentication. You can't do that without some kind of third party asserting to an identity.