1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <mh.in.england@gmail.com>) id 1Vce1b-0008GS-Cs
for bitcoin-development@lists.sourceforge.net;
Sat, 02 Nov 2013 16:26:11 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.214.173 as permitted sender)
client-ip=209.85.214.173; envelope-from=mh.in.england@gmail.com;
helo=mail-ob0-f173.google.com;
Received: from mail-ob0-f173.google.com ([209.85.214.173])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1Vce1a-0004BZ-Hv
for bitcoin-development@lists.sourceforge.net;
Sat, 02 Nov 2013 16:26:11 +0000
Received: by mail-ob0-f173.google.com with SMTP id gq1so5733786obb.32
for <bitcoin-development@lists.sourceforge.net>;
Sat, 02 Nov 2013 09:26:05 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.182.88.202 with SMTP id bi10mr346960obb.52.1383409565153;
Sat, 02 Nov 2013 09:26:05 -0700 (PDT)
Sender: mh.in.england@gmail.com
Received: by 10.76.156.42 with HTTP; Sat, 2 Nov 2013 09:26:05 -0700 (PDT)
In-Reply-To: <5274FBF7.90301@iki.fi>
References: <20131102050144.5850@gmx.com>
<CANEZrP2UwEX+u0XCxmaMaRWqVMr+3E63UYnVz9oMubbsiJU+6A@mail.gmail.com>
<5274FBF7.90301@iki.fi>
Date: Sat, 2 Nov 2013 17:26:05 +0100
X-Google-Sender-Auth: 5QkBCagsDL00dukxZaLmU7n-vW0
Message-ID: <CANEZrP2N1DRBcN4JuXKJAodKwk=qNk5hiSnLyx1vbQ1gAd=EhQ@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Hannu Kotipalo <hannu.kotipalo@iki.fi>
Content-Type: multipart/alternative; boundary=089e0111be76b5c2f804ea342325
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(mh.in.england[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information. [URIs: iki.fi]
1.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1Vce1a-0004BZ-Hv
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Message Signing based authentication
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 02 Nov 2013 16:26:11 -0000
--089e0111be76b5c2f804ea342325
Content-Type: text/plain; charset=UTF-8
Guys, identity systems for the web are off-topic for this list. Other than
the anonymous passports/SINs/fidelity bond ideas, Bitcoin doesn't have any
relevance to it.
On Sat, Nov 2, 2013 at 2:19 PM, Hannu Kotipalo <hannu.kotipalo@iki.fi>wrote:
> Maybe this is a bit off-topic, but the *real* answer to the question
> "why-is-nobody-using-ssl-client-certificates" is that it would force
> www pages to be encrypted and would make it a lot more difficult for
> NSA to log www-trafic.
>
No, it wouldn't. You can log a user in using SSL and then redirect the user
back to an encrypted page, using cookies for the rest of the session.
Please don't clutter up this list with conspiracy theories. The brutal
reality is that identity is a hard problem.
--089e0111be76b5c2f804ea342325
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Guys, identity systems for the web are off-topic for this =
list. Other than the anonymous passports/SINs/fidelity bond ideas, Bitcoin =
doesn't have any relevance to it.<div class=3D"gmail_extra"><br><div cl=
ass=3D"gmail_quote">
On Sat, Nov 2, 2013 at 2:19 PM, Hannu Kotipalo <span dir=3D"ltr"><<a hre=
f=3D"mailto:hannu.kotipalo@iki.fi" target=3D"_blank">hannu.kotipalo@iki.fi<=
/a>></span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:=
0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Maybe this is a bit off-topic, but the *real* answer to the question<br>
"why-is-nobody-using-ssl-client-certificates" is that it would fo=
rce<br>
www pages to be encrypted and would make it a lot more difficult for<br>
NSA to log www-trafic.<br></blockquote><div><br></div><div>No, it wouldn=
9;t. You can log a user in using SSL and then redirect the user back to an =
encrypted page, using cookies for the rest of the session. Please don't=
clutter up this list with conspiracy theories. The brutal reality is that =
identity is a hard problem.</div>
</div></div></div>
--089e0111be76b5c2f804ea342325--
|
