1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <marek@palatinus.cz>) id 1WW5i5-0004kz-Qq
for bitcoin-development@lists.sourceforge.net;
Fri, 04 Apr 2014 15:07:13 +0000
X-ACL-Warn:
Received: from mail-ob0-f176.google.com ([209.85.214.176])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1WW5i4-0005j6-I5
for bitcoin-development@lists.sourceforge.net;
Fri, 04 Apr 2014 15:07:13 +0000
Received: by mail-ob0-f176.google.com with SMTP id wp18so3591795obc.21
for <bitcoin-development@lists.sourceforge.net>;
Fri, 04 Apr 2014 08:07:07 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
:date:message-id:subject:to:cc:content-type;
bh=dOozmKPWJoBcc6HncCk3a8k2bB90EPukP5kjTD5DFKo=;
b=GrKQnBBLxSo1TfJ4ceSsNsqxLVNONQk5Ql94TRi9Pjvuiq3JR0c+pp/QwkMuwdGH2v
0153kVMx0pS8/nA3G4ZEAzrnzWZBIiTDliOqylCxUve7+30yYermXOIUOMnDjZtUrbfn
6treFsHM1KkMbZXhPbQZB8v7Xyspg4m4vwm4f7U2aKYdFuaHqVU91nslqsANm5h5ZuIg
WNdWfKVLNVJCfL8qgBOHI9rpBkqS1FAJFOQ0WjSOR+jxWF/qn5ZoufN1doPINirDkIka
G/vlF5Dz8D7kVoglBjlFWUgY0+0Zv9HmTN+TMlypih7p/SZA8BXOYlItq/pQJRWv8/iU
VdUQ==
X-Gm-Message-State: ALoCoQlEmP8OHsOctqZbxEIis5pp8E+fa7adtYa7xcUKF092IaCetdWLb0Y0422LJn21uXq+xPdJ
X-Received: by 10.60.62.146 with SMTP id y18mr20063229oer.24.1396623639828;
Fri, 04 Apr 2014 08:00:39 -0700 (PDT)
MIME-Version: 1.0
Sender: marek@palatinus.cz
Received: by 10.60.102.9 with HTTP; Fri, 4 Apr 2014 08:00:09 -0700 (PDT)
In-Reply-To: <CANEZrP15xWWq2jU5yKjG+9hp___OovtbH+vM5KkzFcaQ=koRow@mail.gmail.com>
References: <CA+WZAEp3HsW5ESGUZ7YfR1MZXGC5jd+LucUt_MUP8K94Xwhuhg@mail.gmail.com>
<CANEZrP0KVyp2Va7Wyy=t0qYkLNK9BDUaSzBfuzQss+=weLJ1Fw@mail.gmail.com>
<CA+WZAEqYKv8T1OMCKhOJvf5FAy=WujJ=OhtsYP9aBf=4ZPNxmw@mail.gmail.com>
<CANEZrP0DTYqobECBbw6eZqdk+-TR_2jhBtOviN08r31EQGmZHQ@mail.gmail.com>
<CANEZrP2Z5x0_kOQ=8-BMzbmi9=D=ou=s3dgEksMA5F84BHSt9A@mail.gmail.com>
<CA+WZAEqREDkDvmhM7AY+Ju3fkm3uOGm39Ef9+SYoEr43ybbg2Q@mail.gmail.com>
<CANEZrP15xWWq2jU5yKjG+9hp___OovtbH+vM5KkzFcaQ=koRow@mail.gmail.com>
From: slush <slush@centrum.cz>
Date: Fri, 4 Apr 2014 17:00:09 +0200
X-Google-Sender-Auth: ZKfZQKQcSwhezIIQbBdN_D1UpDY
Message-ID: <CAJna-Hji-kyM8J3GFDmpAwHksX1qmJBuR7yWDVaMG2GT=FeqNg@mail.gmail.com>
To: Mike Hearn <mike@plan99.net>
Content-Type: multipart/alternative; boundary=047d7b6769e8eff56a04f638c7b0
X-Spam-Score: 1.0 (+)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(slush[at]centrum.cz)
1.0 HTML_MESSAGE BODY: HTML included in message
X-Headers-End: 1WW5i4-0005j6-I5
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Draft BIP for seamless website
authentication using Bitcoin address
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 04 Apr 2014 15:07:14 -0000
--047d7b6769e8eff56a04f638c7b0
Content-Type: text/plain; charset=ISO-8859-1
On Fri, Apr 4, 2014 at 4:51 PM, Mike Hearn <mike@plan99.net> wrote:
>
> I don't want to suggest the problem is unimportant - I'd love it if the
> world could move beyond passwords. But I have many scars from my time in
> the Google account swamps. We had a big team, lots of resources and even
> just getting people to use their phone as a second factor - *the simplest
> second factor possible* - was a huge uphill battle that most users just
> didn't care about. People like passwords. If you can find a way to make
> something that's better than a password but just as convenient, fantastic!
> But I don't think Bitcoin addresses are such a thing.
>
>
With all respect to your experience, I think you're wrong, for one reason.
2fa auth doesn't *remove* the need of password. It actually *adds* yet
another layer, which complicates stuff for average user. Common user, which
is not paranoid enough (like me) simply don't think he has anything to
hide, so they simply don't see why they should *complicate* their live with
2fa, backing up their phone etc.
In the oposite, authentication based on bitcoin wallet could make the
process much easier and remove the need of passwords at all, because people
*already* care about safe storage of their coins.
Marek
--047d7b6769e8eff56a04f638c7b0
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><br><div class=3D"gmail_quote">=
On Fri, Apr 4, 2014 at 4:51 PM, Mike Hearn <span dir=3D"ltr"><<a href=3D=
"mailto:mike@plan99.net" target=3D"_blank">mike@plan99.net</a>></span> w=
rote:<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;bo=
rder-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:so=
lid;padding-left:1ex">
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><div=
>I don't want to suggest the problem is unimportant - I'd love it i=
f the world could move beyond passwords. But I have many scars from my time=
in the Google account swamps. We had a big team, lots of resources and eve=
n just getting people to use their phone as a second factor - <i>the simple=
st second factor possible</i>=A0- was a huge uphill battle that most users =
just didn't care about. People like passwords. If you can find a way to=
make something that's better than a password but just as convenient, f=
antastic! But I don't think Bitcoin addresses are such a thing.</div>
</div></div></div>
<br></blockquote><div><br></div><div>With all respect to your experience, I=
think you're wrong, for one reason.</div><div><br></div><div>2fa auth =
doesn't *remove* the need of password. It actually *adds* yet another l=
ayer, which complicates stuff for average user. Common user, which is not p=
aranoid enough (like me) simply don't think he has anything to hide, so=
they simply don't see why they should *complicate* their live with 2fa=
, backing up their phone etc.</div>
<div><br></div><div>In the oposite, authentication based on bitcoin wallet =
could make the process much easier and remove the need of passwords at all,=
because people *already* care about safe storage of their coins.</div>
<div><br></div><div>Marek</div></div></div></div>
--047d7b6769e8eff56a04f638c7b0--
|
