public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Roy Badami <roy@gnomon.org.uk>
To: Mike Hearn <mike@plan99.net>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] BIP70 implementation guidance
Date: Fri, 2 May 2014 21:41:47 +0100	[thread overview]
Message-ID: <20140502204146.GD62950@giles.gnomon.org.uk> (raw)
In-Reply-To: <CANEZrP15TKPcWnjdnfbRd9KxrS_5F=07gTL1DxyMo1os-sVOpA@mail.gmail.com>

> *Extended validation certs*
> 
> When a business is accepting payment, showing the name of the business is
> usually better than showing just the domain name, for a few reasons:
> 
>    1. Unless your domain name *is* your business name like blockchain.info,
>    it looks better and gives more info.
> 
>    2. Domain names are more phishable than EV names, e.g. is the right name
>    bitpay.com or bit-pay.com or bitpay.co.uk?
> 
>    3. More important: Someone who hacks your web server or DNS provider can
>    silently get themselves a domain name SSL cert issued, probably without you
>    noticing. Certificate transparency will eventually fix that but it's years
>    away from full deployment. It's much harder for a hacker to get a bogus EV
>    cert issued to them because there's a lot more checking involved.
> 
> EV certs still have the domain name in the CN field, but they also have the
> business name in the OU field.

Well, many certs have something in the O field.  That has nothing to
do with EV - EV just mandates a particular set of validation
requirements.

> 
> In theory we are supposed to have extra code to check that a certificate
> really was subject to extended validation before showing the contents of
> this field. In practice either bitcoinj nor Bitcoin Core actually do, they
> just always trust it. It'd be nice to fix that in future.

I agree that blindly showing the O field may not be ideal - there
*may* conceivably be some CAs that include it without validation on
their cheap certs (although most cheap certs simply don't include it).
But it's not clear that EV or not is the right criterion here - there
are certainly non-EV certs out there that are organisation validated.
 
> You should show the organisation data instead of the domain name if you
> find it, for EV certs.

I have really mixed feelings about giving this privileged treatment
exclusively to EV certs, for the simple reason that the rules around
EV certs are iniquitous and some businesses are excluded.

e.g. in the UK sole traders (that is, unincorporated businesses) can't
get EV certs because the UK doesn't maintain a trade register of such
businesses and therefore such businesses are incapable of satisfying
the EV rules.

That said, EV certs are here, now, and (sadly) supporting them is
better than doing nothing...

roy





  parent reply	other threads:[~2014-05-02 20:41 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-05-02 15:39 [Bitcoin-development] BIP70 implementation guidance Mike Hearn
2014-05-02 19:21 ` Aaron Voisine
2014-05-02 20:41 ` Roy Badami [this message]
2014-05-04 13:06   ` Mike Hearn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20140502204146.GD62950@giles.gnomon.org.uk \
    --to=roy@gnomon.org.uk \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=mike@plan99.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox