1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <mh.in.england@gmail.com>) id 1WVJri-0000Hq-Bd
for bitcoin-development@lists.sourceforge.net;
Wed, 02 Apr 2014 12:01:58 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.214.177 as permitted sender)
client-ip=209.85.214.177; envelope-from=mh.in.england@gmail.com;
helo=mail-ob0-f177.google.com;
Received: from mail-ob0-f177.google.com ([209.85.214.177])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1WVJrh-0000hh-7G
for bitcoin-development@lists.sourceforge.net;
Wed, 02 Apr 2014 12:01:58 +0000
Received: by mail-ob0-f177.google.com with SMTP id wo20so88414obc.8
for <bitcoin-development@lists.sourceforge.net>;
Wed, 02 Apr 2014 05:01:51 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.182.105.1 with SMTP id gi1mr166537obb.9.1396440111780; Wed,
02 Apr 2014 05:01:51 -0700 (PDT)
Sender: mh.in.england@gmail.com
Received: by 10.76.71.231 with HTTP; Wed, 2 Apr 2014 05:01:51 -0700 (PDT)
In-Reply-To: <CAHbi5Czk2pq7Xci+3Wjfn==WhRdqNc1sbW86aS8jnwLAT0wsgw@mail.gmail.com>
References: <5339418F.1050800@riseup.net>
<51C10069-5C3B-462A-9184-669ABC6CD9D0@meek.io>
<CAJHLa0MfV0RnVh1niG4vUGUUvB_Vd8HccTys4bf1ApnwuBUd1g@mail.gmail.com>
<C818247C-6422-4F55-A324-826EC5C6A455@meek.io>
<CAHbi5CzOTejUQcaF4Ja45=609A811OvSonE0vXpTuPKSh+5hVA@mail.gmail.com>
<8ACA8DF1-30BF-47F4-92CE-E625F44F687C@meek.io>
<CAHbi5Czk2pq7Xci+3Wjfn==WhRdqNc1sbW86aS8jnwLAT0wsgw@mail.gmail.com>
Date: Wed, 2 Apr 2014 14:01:51 +0200
X-Google-Sender-Auth: elEXM-ttvQKpd17Yzcx928pMoQc
Message-ID: <CANEZrP0UT=QCDmKDaVcWcf++bJzXSiT83ubUXLmd0N8-6nvrrQ@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Daryl Banttari <dbanttari@gmail.com>
Content-Type: multipart/alternative; boundary=e89a8ff1cf66d05fac04f60e0cf6
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(mh.in.england[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1WVJrh-0000hh-7G
Cc: "bitcoin-development@lists.sourceforge.net"
<bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] secure assigned bitcoin address directory
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 02 Apr 2014 12:01:58 -0000
--e89a8ff1cf66d05fac04f60e0cf6
Content-Type: text/plain; charset=UTF-8
Hi Daryl,
I think the reason nobody has done that is that BIP70 isn't really that
much work. It's basically just certs inside a protobuf, with a bit of extra
data. I'm not sure yet another way to do the same thing is worth much.
On Wed, Apr 2, 2014 at 2:59 AM, Daryl Banttari <dbanttari@gmail.com> wrote:
> Chris,
>
> Thank you for taking the time to look at my proposal.
>
> 1) pay to addresses are not fixed - ie you can have a different address
>> for each transaction (which is why BIP70 is necessary to allow per
>> transaction addresses via https.)
>>
>
> This is certainly true for a "published" address; however a new address
> (and URL) can be generated for each one-off peer-to-peer transaction.
> However, I'd expect that most of the time this use case will be handed by
> BIP70. Still, this could allow someone to implement a authenticated,
> non-repudiable payment request without having to go through the hassle of a
> full BIP70 implementation.
>
>
>> 2) unless you are already aware of the public key of the signature, you
>> do not know if the signature is made by the person you think it is supposed
>> to be from. See recent concern over fake key for Gavin Andresen. Ie a
>> signature can always be verified with a valid public key, the question is
>> was it the real person's key. That is what WoT tried to resolve with
>> so-called "signing parties", nowadays keys posted to a public forum by a
>> known user, but it's not a standard and not ideal.
>>
>
> My proposal leverages the existing SSL key system (yes, PKI), so there is
> a reasonable expectation that if the signature verifies, it came from the
> party indicated on the cert. While SSL (and the PKI system underpinning
> it) have its faults, the example you highlighted was specifically a problem
> with WoT, not PKI. Can a compromised web server cause payments to be made
> to the wrong party? Of course-- but that's already true. And that's not
> something BIP70 solves (or attempts to solve) either.
>
> (To explain [better than I could] why I feel PKI is a pragmatic solution,
> I defer to Mike Hearn 's article:
> https://medium.com/bitcoin-security-functionality/b64cf5912aa7)
>
> --Daryl
>
>
> ------------------------------------------------------------------------------
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
--e89a8ff1cf66d05fac04f60e0cf6
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Hi Daryl,<div><br></div><div>I think the reason nobody has=
done that is that BIP70 isn't really that much work. It's basicall=
y just certs inside a protobuf, with a bit of extra data. I'm not sure =
yet another way to do the same thing is worth much.</div>
</div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Wed,=
Apr 2, 2014 at 2:59 AM, Daryl Banttari <span dir=3D"ltr"><<a href=3D"ma=
ilto:dbanttari@gmail.com" target=3D"_blank">dbanttari@gmail.com</a>></sp=
an> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div class=3D"gmail_extra">=
Chris,</div><div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra"=
>Thank you for taking the time to look at my proposal.</div>
<div class=3D"gmail_extra"><br><div class=3D"gmail_quote"><div class=3D"">
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;p=
adding-left:1ex"><div>1) pay to addresses are not fixed - ie you can have a=
different address for each transaction (which is why BIP70 is necessary to=
allow per transaction addresses via https.)</div>
<div></div></blockquote><div><br></div></div><div><div>This is certainly tr=
ue for a "published" address; however a new address (and URL) can=
be generated for each one-off peer-to-peer transaction. =C2=A0However, I&#=
39;d expect that most of the time this use case will be handed by BIP70. =
=C2=A0Still, this could allow someone to implement a authenticated, non-rep=
udiable payment request without having to go through the hassle of a full B=
IP70 implementation.</div>
</div><div class=3D""><div>=C2=A0</div><blockquote class=3D"gmail_quote" st=
yle=3D"margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb=
(204,204,204);border-left-style:solid;padding-left:1ex"><div>2) unless you =
are already aware of the =C2=A0public key of the signature, you do not know=
if the signature is made by the person you think it is supposed to be from=
. See recent concern over fake key for Gavin Andresen. Ie a signature can a=
lways be verified with a valid public key, the question is was it the real =
person's key. That is what WoT tried to resolve with so-called "si=
gning parties", nowadays keys posted to a public forum by a known user=
, but it's not a standard and not ideal.</div>
</blockquote></div></div><br>My proposal leverages the existing SSL key sys=
tem (yes, PKI), so there is a reasonable expectation that if the signature =
verifies, it came from the party indicated on the cert. =C2=A0While SSL (an=
d the PKI system underpinning it) have its faults, the example you highligh=
ted was specifically a problem with WoT, not PKI. =C2=A0Can a compromised w=
eb server cause payments to be made to the wrong party? =C2=A0Of course-- b=
ut that's already true. =C2=A0And that's not something BIP70 solves=
(or attempts to solve) either.</div>
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">(To explain=
[better than I could] why I feel PKI is a pragmatic solution, I defer to M=
ike Hearn 's article: =C2=A0<a href=3D"https://medium.com/bitcoin-secur=
ity-functionality/b64cf5912aa7" target=3D"_blank">https://medium.com/bitcoi=
n-security-functionality/b64cf5912aa7</a>)</div>
<span class=3D"HOEnZb"><font color=3D"#888888">
<div class=3D"gmail_extra"><br></div><div class=3D"gmail_extra">--Daryl</di=
v></font></span></div>
<br>-----------------------------------------------------------------------=
-------<br>
<br>_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div>
--e89a8ff1cf66d05fac04f60e0cf6--
|
