1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
|
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <dbanttari@gmail.com>) id 1WV9X9-000394-2T
for bitcoin-development@lists.sourceforge.net;
Wed, 02 Apr 2014 01:00:03 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.214.180 as permitted sender)
client-ip=209.85.214.180; envelope-from=dbanttari@gmail.com;
helo=mail-ob0-f180.google.com;
Received: from mail-ob0-f180.google.com ([209.85.214.180])
by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1WV9X6-0007IF-AR
for bitcoin-development@lists.sourceforge.net;
Wed, 02 Apr 2014 01:00:01 +0000
Received: by mail-ob0-f180.google.com with SMTP id wn1so11640262obc.25
for <bitcoin-development@lists.sourceforge.net>;
Tue, 01 Apr 2014 17:59:55 -0700 (PDT)
X-Received: by 10.182.246.35 with SMTP id xt3mr15735234obc.39.1396400394933;
Tue, 01 Apr 2014 17:59:54 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.182.210.130 with HTTP; Tue, 1 Apr 2014 17:59:34 -0700 (PDT)
In-Reply-To: <8ACA8DF1-30BF-47F4-92CE-E625F44F687C@meek.io>
References: <5339418F.1050800@riseup.net>
<51C10069-5C3B-462A-9184-669ABC6CD9D0@meek.io>
<CAJHLa0MfV0RnVh1niG4vUGUUvB_Vd8HccTys4bf1ApnwuBUd1g@mail.gmail.com>
<C818247C-6422-4F55-A324-826EC5C6A455@meek.io>
<CAHbi5CzOTejUQcaF4Ja45=609A811OvSonE0vXpTuPKSh+5hVA@mail.gmail.com>
<8ACA8DF1-30BF-47F4-92CE-E625F44F687C@meek.io>
From: Daryl Banttari <dbanttari@gmail.com>
Date: Tue, 1 Apr 2014 19:59:34 -0500
Message-ID: <CAHbi5Czk2pq7Xci+3Wjfn==WhRdqNc1sbW86aS8jnwLAT0wsgw@mail.gmail.com>
To: "Chris D'Costa" <chris.dcosta@meek.io>
Content-Type: multipart/alternative; boundary=001a11c2f2d4811a2404f604cd1b
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(dbanttari[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WV9X6-0007IF-AR
Cc: "bitcoin-development@lists.sourceforge.net"
<bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] secure assigned bitcoin address directory
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 02 Apr 2014 01:00:03 -0000
--001a11c2f2d4811a2404f604cd1b
Content-Type: text/plain; charset=ISO-8859-1
Chris,
Thank you for taking the time to look at my proposal.
1) pay to addresses are not fixed - ie you can have a different address for
> each transaction (which is why BIP70 is necessary to allow per transaction
> addresses via https.)
>
This is certainly true for a "published" address; however a new address
(and URL) can be generated for each one-off peer-to-peer transaction.
However, I'd expect that most of the time this use case will be handed by
BIP70. Still, this could allow someone to implement a authenticated,
non-repudiable payment request without having to go through the hassle of a
full BIP70 implementation.
> 2) unless you are already aware of the public key of the signature, you
> do not know if the signature is made by the person you think it is supposed
> to be from. See recent concern over fake key for Gavin Andresen. Ie a
> signature can always be verified with a valid public key, the question is
> was it the real person's key. That is what WoT tried to resolve with
> so-called "signing parties", nowadays keys posted to a public forum by a
> known user, but it's not a standard and not ideal.
>
My proposal leverages the existing SSL key system (yes, PKI), so there is a
reasonable expectation that if the signature verifies, it came from the
party indicated on the cert. While SSL (and the PKI system underpinning
it) have its faults, the example you highlighted was specifically a problem
with WoT, not PKI. Can a compromised web server cause payments to be made
to the wrong party? Of course-- but that's already true. And that's not
something BIP70 solves (or attempts to solve) either.
(To explain [better than I could] why I feel PKI is a pragmatic solution, I
defer to Mike Hearn 's article:
https://medium.com/bitcoin-security-functionality/b64cf5912aa7)
--Daryl
--001a11c2f2d4811a2404f604cd1b
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra">Chris,</div><div class=3D"gmail=
_extra"><br></div><div class=3D"gmail_extra">Thank you for taking the time =
to look at my proposal.</div><div class=3D"gmail_extra"><br><div class=3D"g=
mail_quote">
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex"><div>1) pay to addresses are not fixed - ie you can have a=
different address for each transaction (which is why BIP70 is necessary to=
allow per transaction addresses via https.)</div>
<div></div></blockquote><div><br></div><div><div>This is certainly true for=
a "published" address; however a new address (and URL) can be ge=
nerated for each one-off peer-to-peer transaction. =A0However, I'd expe=
ct that most of the time this use case will be handed by BIP70. =A0Still, t=
his could allow someone to implement a authenticated, non-repudiable paymen=
t request without having to go through the hassle of a full BIP70 implement=
ation.</div>
</div><div>=A0</div><blockquote class=3D"gmail_quote" style=3D"margin:0px 0=
px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);borde=
r-left-style:solid;padding-left:1ex"><div>2) unless you are already aware o=
f the =A0public key of the signature, you do not know if the signature is m=
ade by the person you think it is supposed to be from. See recent concern o=
ver fake key for Gavin Andresen. Ie a signature can always be verified with=
a valid public key, the question is was it the real person's key. That=
is what WoT tried to resolve with so-called "signing parties", n=
owadays keys posted to a public forum by a known user, but it's not a s=
tandard and not ideal.</div>
</blockquote></div><br>My proposal leverages the existing SSL key system (y=
es, PKI), so there is a reasonable expectation that if the signature verifi=
es, it came from the party indicated on the cert. =A0While SSL (and the PKI=
system underpinning it) have its faults, the example you highlighted was s=
pecifically a problem with WoT, not PKI. =A0Can a compromised web server ca=
use payments to be made to the wrong party? =A0Of course-- but that's a=
lready true. =A0And that's not something BIP70 solves (or attempts to s=
olve) either.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">(To explain=
[better than I could] why I feel PKI is a pragmatic solution, I defer to M=
ike Hearn 's article: =A0<a href=3D"https://medium.com/bitcoin-security=
-functionality/b64cf5912aa7">https://medium.com/bitcoin-security-functional=
ity/b64cf5912aa7</a>)</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">--Daryl</di=
v></div>
--001a11c2f2d4811a2404f604cd1b--
|
