From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XSO8B-0003Ir-7K for bitcoin-development@lists.sourceforge.net; Fri, 12 Sep 2014 10:31:07 +0000 Received: from prei.vps.van-cuijk.nl ([79.170.90.37]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1XSO88-0001De-QR for bitcoin-development@lists.sourceforge.net; Fri, 12 Sep 2014 10:31:07 +0000 Received: from [192.168.29.45] (unknown [89.146.26.107]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: mo_mark) by prei.vps.van-cuijk.nl (Postfix) with ESMTPSA id 1162A41BFF for ; Fri, 12 Sep 2014 12:11:50 +0200 (CEST) Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) From: Mark van Cuijk In-Reply-To: Date: Fri, 12 Sep 2014 12:11:48 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: References: To: bitcoin-development@lists.sourceforge.net X-Mailer: Apple Mail (2.1878.6) X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. X-Headers-End: 1XSO88-0001De-QR Subject: Re: [Bitcoin-development] BIP72 amendment proposal X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Sep 2014 10:31:07 -0000 On 12 Sep 2014, at 11:55 , = bitcoin-development-request@lists.sourceforge.net wrote: > The hash is meant to link the trust anchor (e.g. the QR code) to the > payment request message in a secure way. This will solve the problem > several apps are comparing address+amount fields as a workaround > instead, preventing some advanced BIP70 usecases. When these apps read = a > matching hash, they need not compare any of the other fields. Sounds like a good plan. Do you have a list (possibly incomplete) of apps that perform this kind = of checking? We=92re currently working with some parties in a supply = chain to allow a consumer payment on a retail website to automatically = pay supply chain parties, the way BIP70 allows with multiple outputs on = a transaction. This behaviour would prohibit this use case. /Mark=