From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 4CA9F408 for ; Mon, 20 Jul 2015 14:32:15 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from relay5-d.mail.gandi.net (relay5-d.mail.gandi.net [217.70.183.197]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3EF09202 for ; Mon, 20 Jul 2015 14:32:14 +0000 (UTC) Received: from mfilter44-d.gandi.net (mfilter44-d.gandi.net [217.70.178.175]) by relay5-d.mail.gandi.net (Postfix) with ESMTP id 1767D41C062 for ; Mon, 20 Jul 2015 16:32:12 +0200 (CEST) X-Virus-Scanned: Debian amavisd-new at mfilter44-d.gandi.net Received: from relay5-d.mail.gandi.net ([IPv6:::ffff:217.70.183.197]) by mfilter44-d.gandi.net (mfilter44-d.gandi.net [::ffff:10.0.15.180]) (amavisd-new, port 10024) with ESMTP id O17ZSbxVBHQu for ; Mon, 20 Jul 2015 16:32:10 +0200 (CEST) X-Originating-IP: 85.181.106.214 Received: from [192.168.1.2] (x55b56ad6.dyn.telefonica.de [85.181.106.214]) (Authenticated sender: thomasv@electrum.org) by relay5-d.mail.gandi.net (Postfix) with ESMTPSA id 9FFC441C096 for ; Mon, 20 Jul 2015 16:32:10 +0200 (CEST) Message-ID: <55AD0669.4040002@electrum.org> Date: Mon, 20 Jul 2015 16:32:09 +0200 From: Thomas Voegtlin User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 CC: bitcoin-dev@lists.linuxfoundation.org References: <55A4AF62.4090607@electrum.org> <55AB8785.4080201@electrum.org> In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.6 required=5.0 tests=BAYES_00,MISSING_HEADERS, RCVD_IN_DNSWL_LOW autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Proposal: extend bip70 with OpenAlias X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Jul 2015 14:32:15 -0000 hi Mike, I hope you had a good trip! > To get more specific, DNSSEC uses RSA 1024 bit. This causes two problem= s: >=20 > 1. A DNSSEC proof is large, bytes wise. Even a single RSA signature > won't fit nicely in a QR code, I think. >=20 > 2. 1024 bit is the absolute minimum strength you can get away with, > really. DNSSEC assumes frequent key rotations to try and help, which > complicates things. >=20 > So I'm not sure using DNSSEC fixes the usability problem we want to fix= . >=20 In my previous post, I was suggesting to *not* include the proof in the request, because the payer can download it independently. Only the final signature is needed. What makes DNSSEC interesting is not the size of the proof, but rather the fact that you can request it easily, and in a canonical way. A typical lightweight payment request, serialized with EC signature and without the proof, would be about 150 bytes long. > I will do a separate reply to break out some thoughts on replacing QR c= odes. >=20 > Would it be possible to create the same kind of "lightweight payment >> requests" using SSL certificates? Probably, if the final signing key i= s >> a EC key, and if the payment request does not include the whole chain = of >> certificates. >=20 >=20 > Given that the pre-existing value of the PKI is much lower for individu= als > than for companies/websites, where they all have certs already, buildin= g a > Bitcoin-specific or entirely new/independent PKI for people is not so > unthinkable, I agree. >=20 > In theory such a cert could be as minimal as: >=20 > thomasv@electrum.org >=20 > so literally just a signature + a UTF-8 string, and that's it! You don'= t > need anything more if you're willing to sacrifice extensibility, > revocability, etc. Again, we don't have to sacrifice revocability, if the proof is downloaded separately. >=20 > The pubkey of the CA would be obtained by running the pubkey recovery > algorithm on the signature, and then checked against a table of trusted > pubkeys. >=20