1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
|
Return-Path: <dev@jonasschnelli.ch>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 51CAB957
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 28 Jun 2016 12:13:51 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from server3 (server3.include7.ch [144.76.194.38])
by smtp1.linuxfoundation.org (Postfix) with ESMTP id 7DFBA17E
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 28 Jun 2016 12:13:50 +0000 (UTC)
Received: by server3 (Postfix, from userid 115)
id 6D9AA2E604A5; Tue, 28 Jun 2016 14:13:49 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Spam-Level:
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1
autolearn=ham version=3.3.1
Received: from Jonass-MacBook-Pro-2.local (cable-static-140-182.teleport.ch
[87.102.140.182]) by server3 (Postfix) with ESMTPSA id B81FD2D001D2
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 28 Jun 2016 14:13:48 +0200 (CEST)
To: bitcoin-dev@lists.linuxfoundation.org
References: <87h9cecad5.fsf@rustcorp.com.au>
<1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
From: Jonas Schnelli <dev@jonasschnelli.ch>
Message-ID: <577269E7.6020008@jonasschnelli.ch>
Date: Tue, 28 Jun 2016 14:13:27 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0)
Gecko/20100101 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="G0BmU2kctXdVI717EDrCaGBIHSwKfVXaR"
Subject: Re: [bitcoin-dev] BIP 151
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jun 2016 12:13:51 -0000
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--G0BmU2kctXdVI717EDrCaGBIHSwKfVXaR
Content-Type: multipart/mixed; boundary="lPTLK79lLbshXFovr8BolnGd482DNBTfr"
From: Jonas Schnelli <dev@jonasschnelli.ch>
To: bitcoin-dev@lists.linuxfoundation.org
Message-ID: <577269E7.6020008@jonasschnelli.ch>
Subject: Re: [bitcoin-dev] BIP 151
References: <87h9cecad5.fsf@rustcorp.com.au>
<1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
In-Reply-To: <1E86A00F-0609-4DBC-9543-94AE04CC13C9@voskuil.org>
--lPTLK79lLbshXFovr8BolnGd482DNBTfr
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
Hi Eric
Sorry for not directly addressing your points.
I try to be more precise in this follow up email:
> I understand the use, when coupled with a yet-to-be-devised identity sy=
stem, with Bloom filter features. Yet these features are client-server in=
nature. Libbitcoin (for example) supports client-server features on an i=
ndependent port (and implements a variant of CurveCP for encryption and i=
dentity). My concern arises with application of identity to the P2P proto=
col (excluding Bloom filter features).
I think the bloom filter SPV usecase is not "pure client-server". SPV
clients could request from/broadcast to multiple "trusted nodes".
Trusted nodes could be nodes where the operators have shared
identities/keys in advance over a different channel.
Further private p2p extensions (lets say a p2p form of the estimatefee
command) are something which needs to be discussed first and not
something that is encouraged or outlined in BIP151.
> It seems to me that the desire to secure against the weaknesses of BF i=
s being casually generalized to the P2P network. That generalization may =
actually weaken the security of the P2P protocol. One might consider the =
proper resolution is to move the BF features to a client-server protocol.=
I don't see reasons why BIP151 could weaken the security of the P2P
network. Can you point out some specific concerns?
> The BIP does not make a case for other scenarios, or contemplate the si=
gnificant problems associated with key distribution in any identity syste=
m. Given that the BIP relies on identity, these considerations should be =
fully vetted before heading down another blind alley.
BIP151 does not rely on identities. BIP151 does not use persisted keys
(only ephemeral keys). The authentication/identity system needs to be
described in a another BIP.
But correct, BIP151 without a form of authentication/identity management
is vulnerable to all sorts of MITM attacks and that's why I think BIP151
must be deployed together with an p2p authentication scheme.
Scope creeping and the risks of overspecifying is the main reason to
focus on the "pure encryption part" in BIP151.
Thanks
---
</jonas>
--lPTLK79lLbshXFovr8BolnGd482DNBTfr--
--G0BmU2kctXdVI717EDrCaGBIHSwKfVXaR
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJXcmnnAAoJECnUvLZBb1PsEiUP/AliWXm56R/3p2+fQGSgMvPR
/CeP1bDcwUKpFz7p78xt2SYMbASiYvTa8s67mD3SRdp7tRmolaMM51TWTaqeKKel
Svu2uM1KG5PsoNK1Ctlhc2zImMz51Goph1qIb9mmlRtAUQjckICAvypoPAz4xSEB
CKHJuFU7HVQVZeBcE61Wj3jUFHaTu+NwPjMzjRCmbng/9UrDYbpKLwMYwM4mIBWB
rHoLwBw5lmmglyaxNQ1Jmhba+266ak4s9pjPeWG+L87WbDMvpO5cAcvG+NNMD26k
wmedUzFohhyT2KT3S2OTPKxeta2WiYMlvHqmJWtt+Kwzoxb7DPx7y3vXG76vOmm1
N1KdUSjOBrVLR0IQX+bFfNhZQTuKcaFmOl1gIGwmEKyYFD6otUvUZ/bAwpI3/qjM
vXl+WSqCy2fMGaEfKjjPjevXpH5e6F0+xo1uhA8uNGepeHZkCNyEH0rDsHxjHHum
KJttgq2eHpZsPNdK10dXG4gmslJffN3HJ+kYHOvpX8TT07e+4R4iRQsyeSfg6OYf
hEV0jtHAssIbL/+IiBBnw6HSQ2vbDOnjZ/va9M6r89AV24iapRm7lX2NypNR1PcZ
RV8mkbSTErrxiOVPSCQeCECzGGhKFWJsHwRG0S86Fd+vgN1kJcAuW+pjUF9VpRvt
7D5wDvJqabtDN6cn1u5x
=V2gG
-----END PGP SIGNATURE-----
--G0BmU2kctXdVI717EDrCaGBIHSwKfVXaR--
|
