From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <adam@cypherspace.org>) id 1WQbpv-0007c7-U0
	for bitcoin-development@lists.sourceforge.net;
	Thu, 20 Mar 2014 12:12:39 +0000
X-ACL-Warn: 
Received: from mout.perfora.net ([74.208.4.195])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1WQbpu-0003oJ-GT
	for bitcoin-development@lists.sourceforge.net;
	Thu, 20 Mar 2014 12:12:39 +0000
Received: from netbook (c107-70.i07-27.onvol.net [92.251.107.70])
	by mrelay.perfora.net (node=mrus2) with ESMTP (Nemesis)
	id 0LoVeM-1X1IAK2waA-00g0AC; Thu, 20 Mar 2014 08:12:31 -0400
Received: by netbook (Postfix, from userid 1000)
	id 9E8122E2836; Thu, 20 Mar 2014 13:12:24 +0100 (CET)
Received: by flare (hashcash-sendmail, from uid 1000);
	Thu, 20 Mar 2014 13:12:22 +0100
Date: Thu, 20 Mar 2014 13:12:21 +0100
From: Adam Back <adam@cypherspace.org>
To: Mike Hearn <mike@plan99.net>
Message-ID: <20140320121221.GA25052@netbook.cypherspace.org>
References: <lc5hmg$1jh$1@ger.gmane.org> <leuunm$tjk$1@ger.gmane.org>
	<CANEZrP3nQfvDArKTRgje0Cus4G2JD_zpxSjA3fXfxM2TNAP80Q@mail.gmail.com>
	<CALDj+BafD+6KTNcYDBEu5gNPzYozSkiC-JCxrY-PzXL2DYBRsw@mail.gmail.com>
	<CAJHLa0N4J_Z907+D0ENSNKfNAW2N=7Jf4JzSCO=SU558GtGTzA@mail.gmail.com>
	<lge7nk$3mf$2@ger.gmane.org>
	<CANEZrP0J849oDvMWjf8LWi0xj44Q8DaUwDip5_smVBMNgeQ3mw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Disposition: inline
In-Reply-To: <CANEZrP0J849oDvMWjf8LWi0xj44Q8DaUwDip5_smVBMNgeQ3mw@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Hashcash: 1:20:140320:mike@plan99.net::YzN+0USrh9lIqBLH:003Ut6
X-Hashcash: 1:20:140320:andreas@schildbach.de::0T07XhQ8pna5iLGn:0000000000000000
	0000000000000000000000009wfH
X-Hashcash: 1:20:140320:bitcoin-development@lists.sourceforge.net::8mFXmud/OdUhG
	onB:000000000000000000000WA7
X-Hashcash: 1:20:140320:adam@cypherspace.org::u5S4UKzdaaOGfl+E:00000000000000000
	0000000000000000000000002fV5
X-Provags-ID: V02:K0:Mj3baQDD7dPl1YOj9m4ctfXeJl2ioBtVc7ssYuozFdl
	EdF/hfmpYrdZStJte5wU2vTXr6V5P2WvMcz6/tChOOxxB/+RX5
	346MxBDZ/AoiqGuLQT0N08Z3c4IZulWJdUfQyFRiExJo0DKFum
	xWn0PZ0cvgRKdidvKLQw6v5wP/pEcYdYiwNWhLcwB+CF4tbEWu
	pvCBm/7OgjQa0d8zCg99v8NW8ffjVHP85QkSTnb2X37lThe5Sh
	9LNdaqD/OdfapWdPdDchvQdRMxRQRdPvscpuaOxlRPUP+59WwG
	gKCF6Oc6VEKQCfoEGyoXcDdGQSBOy+rtldloI4x9Ic4+oeEF08
	h7KXnjiLV8fDhEKD+YUv17Q+WOv1fdxUDjFGu7yTr
X-Spam-Score: -0.0 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
	no trust [74.208.4.195 listed in list.dnswl.org]
	-0.0 SPF_HELO_PASS          SPF: HELO matches SPF record
X-Headers-End: 1WQbpu-0003oJ-GT
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>,
	Andreas Schildbach <andreas@schildbach.de>
Subject: Re: [Bitcoin-development] Payment Protocol for Face-to-face Payments
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 20 Mar 2014 12:12:40 -0000

Whats a sensible limit on practical/convenient QR code size?

How much of the payment protocol message size comes from use of x509?

(Just exploring what the options are).

Adam

On Thu, Mar 20, 2014 at 11:36:09AM +0100, Mike Hearn wrote:
>   Encoding entire payment requests into qrcodes is definitely not the way
>   to go. They can already be large when signed and we're just at the
>   start of adding features.
>   Finishing off and standardising the bluetooth support is the way to go
>   (r=bt:mac). Andreas' app already has some support for this I believe,
>   so Alex you could prototype with that, but we need to:
>   1) Add an encryption/auth layer on top, because it runs over RFCOMM
>   sockets. The authentication would require proof of owning the Bitcoin
>   key that's in the address part of the URI (which is needed for
>   backwards compat anyway).
>   2) Write a BIP for it and make sure it's interoperable
>   For the auth layer we could either use SSL and then just ignore the
>   server certificate and require signing of the session public key with
>   the Bitcoin key, which should be easy to code up but is rather heavy on
>   the air, or roll a custom lightweight thing where we just do a basic
>   ECDH, with the servers key being the same as the address key. But
>   rolling such protocols is subtle and I guess it'd need to be reviewed
>   by people familiar with such things.
>   This feels like a good opportunity to grow the community - perhaps we
>   can find a volunteer in the forums who enjoys crypto.