1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
helo=mx.sourceforge.net)
by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <elarch@gmail.com>) id 1WcWWS-0001yS-16
for bitcoin-development@lists.sourceforge.net;
Tue, 22 Apr 2014 08:57:48 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.217.179 as permitted sender)
client-ip=209.85.217.179; envelope-from=elarch@gmail.com;
helo=mail-lb0-f179.google.com;
Received: from mail-lb0-f179.google.com ([209.85.217.179])
by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1WcWWP-0001zn-Ir
for bitcoin-development@lists.sourceforge.net;
Tue, 22 Apr 2014 08:57:47 +0000
Received: by mail-lb0-f179.google.com with SMTP id p9so3978027lbv.24
for <bitcoin-development@lists.sourceforge.net>;
Tue, 22 Apr 2014 01:57:38 -0700 (PDT)
X-Received: by 10.152.234.229 with SMTP id uh5mr567866lac.56.1398157058821;
Tue, 22 Apr 2014 01:57:38 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.112.31.165 with HTTP; Tue, 22 Apr 2014 01:57:18 -0700 (PDT)
In-Reply-To: <CABh=4qMU_FNMcEtmM_sWWFSvpscPCMpD=pc8xLUud_KbQR=bHw@mail.gmail.com>
References: <CA+WZAEp3HsW5ESGUZ7YfR1MZXGC5jd+LucUt_MUP8K94Xwhuhg@mail.gmail.com>
<CANEZrP0KVyp2Va7Wyy=t0qYkLNK9BDUaSzBfuzQss+=weLJ1Fw@mail.gmail.com>
<CA+WZAEqYKv8T1OMCKhOJvf5FAy=WujJ=OhtsYP9aBf=4ZPNxmw@mail.gmail.com>
<CANEZrP0DTYqobECBbw6eZqdk+-TR_2jhBtOviN08r31EQGmZHQ@mail.gmail.com>
<CANEZrP2Z5x0_kOQ=8-BMzbmi9=D=ou=s3dgEksMA5F84BHSt9A@mail.gmail.com>
<CA+WZAEqREDkDvmhM7AY+Ju3fkm3uOGm39Ef9+SYoEr43ybbg2Q@mail.gmail.com>
<CANEZrP15xWWq2jU5yKjG+9hp___OovtbH+vM5KkzFcaQ=koRow@mail.gmail.com>
<CA+WZAEpwBqucw7kOFrRn_TsnVGaY0-hm4Xv64_i7LweEzQ=oGw@mail.gmail.com>
<CAJHLa0Nd1hVrcB9Koyv99zN_ykJbHW21qC3KdjZHB4PmOLLgnQ@mail.gmail.com>
<CANEZrP170RmbegDfssqZS7KFVQ0rguW3dnE4u1yj7h-Dw5rBTw@mail.gmail.com>
<CAJHLa0POjVLTDqPXTqgf32Oove-KeOd52mDioHf2RZ4izrByxw@mail.gmail.com>
<CABh=4qMU_FNMcEtmM_sWWFSvpscPCMpD=pc8xLUud_KbQR=bHw@mail.gmail.com>
From: =?UTF-8?Q?Eric_Larchev=C3=AAque?= <elarch@gmail.com>
Date: Tue, 22 Apr 2014 10:57:18 +0200
Message-ID: <CA+WZAEq9G1NRqUM312tBsPKrXBx8iBoBQ=RD=5TJmbEVepmUmw@mail.gmail.com>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Content-Type: multipart/alternative; boundary=001a1133a6fad4d39604f79dce48
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(elarch[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WcWWP-0001zn-Ir
Subject: Re: [Bitcoin-development] Draft BIP for seamless website
authentication using Bitcoin address
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 22 Apr 2014 08:57:48 -0000
--001a1133a6fad4d39604f79dce48
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
The development of BitID has had some progress, and we have now a working
wallet prototype based on Android Bitcoin Wallet (bitoinj).
The user flow is quite nice and if you are curious here is a short video
demonstration :
https://www.youtube.com/watch?v=3D3eepEWTnRTc
By default, each new first auth request will create and save a new address
(SQRL like). It could be based on BIP32, but this works also without.
This requires to add metadata to addresses, as described here :
https://github.com/bitid/bitid/blob/master/bitid_metadata.md
It open also the fields for decentralized 2FA as well as "pay as guest"
checkout in conjonction with BIP70 payment request.
Eric
On Tue, Apr 22, 2014 at 8:34 AM, Jan M=C3=B8ller <jan.moller@gmail.com> wro=
te:
> The reason why client side certificates have never gained traction becaus=
e
> it is a pain to safely store/backup secrets.
> In bitcoinland we are forced to solve the problem of safely storing
> secrets, and over the years we have come up with software and hardware
> solutions to make this safer and easier to manage for ordinary people.
> Solving this is paramount to the success of Bitcoin, and nobody has solve=
d
> it before on a grand scale.
>
> I see no reason for forcing end users to use two different mechanisms for
> safely managing secrets.
>
> I agree that using a bitcoin address for authentication purposes might be
> confusing and potentially linking your funds with your identity. So I am
> all for using something else than bitcoin addresses and bitcoin private
> keys.
>
> With bip32 we have finally agreed on a mechanism for generating a
> hierarchy of bitcoin private keys from a master seed. A similar approach
> can be used for generating a parallel hierarchy for authentication
> purposes.
>
> - Jan
>
>
>
--001a1133a6fad4d39604f79dce48
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">The development of BitID has had some progress, and we hav=
e now a working wallet prototype based on Android Bitcoin Wallet (bitoinj).=
<div>The user flow is quite nice and if you are curious here is a short vid=
eo demonstration :</div>
<a href=3D"https://www.youtube.com/watch?v=3D3eepEWTnRTc">https://www.youtu=
be.com/watch?v=3D3eepEWTnRTc</a><div><br><div>By default, each new first au=
th request will create and save a new address (SQRL like). It could be base=
d on BIP32, but this works also without.</div>
<div>This requires to add metadata to addresses, as described here :</div><=
div><a href=3D"https://github.com/bitid/bitid/blob/master/bitid_metadata.md=
">https://github.com/bitid/bitid/blob/master/bitid_metadata.md</a><br></div=
>
</div><div><br></div><div>It open also the fields for decentralized 2FA as =
well as "pay as guest" checkout in conjonction with BIP70 payment=
request.</div><div><br></div><div>Eric</div><div><br></div></div><div clas=
s=3D"gmail_extra">
<br><br><div class=3D"gmail_quote">On Tue, Apr 22, 2014 at 8:34 AM, Jan M=
=C3=B8ller <span dir=3D"ltr"><<a href=3D"mailto:jan.moller@gmail.com" ta=
rget=3D"_blank">jan.moller@gmail.com</a>></span> wrote:<br><blockquote c=
lass=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;=
padding-left:1ex">
<div dir=3D"ltr"><div>The reason why client side certificates have never ga=
ined traction because it is a pain to safely store/backup secrets.</div><di=
v>In bitcoinland we are forced to solve the problem of safely storing secre=
ts, and over the years we have come up with software and hardware solutions=
to make this safer and easier to manage for ordinary people. Solving this =
is paramount to the success of Bitcoin, and nobody has solved it before on =
a grand scale.=C2=A0</div>
<div><br></div><div>I see no reason for forcing end users to use two differ=
ent mechanisms for safely managing secrets.</div><div><br></div><div>I agre=
e that using a bitcoin address for authentication purposes might be confusi=
ng and potentially linking your funds with your identity. So I am all for u=
sing something else than bitcoin addresses and bitcoin private keys.<br>
</div><div><br></div><div>With bip32 we have finally agreed on a mechanism =
for generating a hierarchy of bitcoin private keys from a master seed. A si=
milar approach can be used for generating a parallel hierarchy for authenti=
cation purposes.=C2=A0<span class=3D"HOEnZb"><font color=3D"#888888"><br>
</font></span></div><span class=3D"HOEnZb"><font color=3D"#888888"><div><br=
></div><div>- Jan</div><div><br></div><div><br></div></font></span></div>
</blockquote></div><br></div>
--001a1133a6fad4d39604f79dce48--
|