Hi Thomas,

Re: NetKi, I think any proposal in this space has to be an open standard, almost by the definition of what it is. At any rate, it may be worth talking to them. They have signed up to implement their system at least.

I did understand that your proposal does not rely on email - for instance a web forum could issue username@reddit.com type aliases, even if those are not also email accounts. I am just continuing the comparison against email address certs.

It's also the case that a domain can use the DKIM setup without actually offering email accounts. They can just have a web form or API that triggers sending of the signed email (or simply, providing the signed headers themselves). Thus the same system can be used transparently by both email providers and other sites that don't give their users email addresses, but would still like to use the same system.

Hardly anyone uses email certificates today, so I don't think it would
affect a lot of users.

No, but obviously we'd like to change that! The holdup is not the certificate side of things, really, but rather the lack of a store-and-forward network for signed payment requests. I keep asking someone to build one but I fear the problem is almost too simple ...... everyone who looks at this decides to solve 12 other problems simultaneously, it gets complicated, then they never launch :(

Once there's a simple and robust way to get PaymentRequest's from one end user to another, even when that first user is offline, then getting an email cert issued is no big deal.

That does not look so... not until (1) BIP70 wallets integrate with
https://crt.sh, (2) you convince that service to index email certs (3)
you convince all CAs to report all email certs they issue to crt.sh.

Any solution that separates identity providers from certificate issuers would have these requirements, though. And as many identity providers today do not wish to become CAs too, it seems fundamental.

I don't think it's such a problem, mind you. The crt.sh website is actually a frontend to the CT protocol, which is a somewhat blockchain like audit log that's eventually intended to contain all issued certificates. Right now, of course, they focus on SSL certs because those are the most common and important. If other kinds of certs became more widely used, support in the infrastructure would follow.



Don't get me wrong - I would like to see a way for a domain to delegate BIP70 signing power to a third party. For instance, this would mean payment processors like BitPay could sign on the behalf of the merchant, and the merchant identity would then show up in wallets. The "chain a cert off a domain cert" trick would be a good way to do that, though rather than hacking the X.509 stack to validate invalid stuff, at this point it may as well be a custom (better) cert format. There's little reason to use X.509 beyond backwards compatibility.

But the most popular identity providers today either don't care about Bitcoin at all, or worse, are developing competitors to it. So for real adoption to occur, we must have solutions that do not require identity provider cooperation. I realise this is a business reason rather than a technical reason, but it's a very strong one - so bootstrapping off existing infrastructure with a split CA/ID provider design still makes much more sense to me.