From: Gregory Maxwell <gmaxwell@gmail.com>
To: Justus Ranvier <justusranvier@riseup.net>
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal: Encrypt bitcoin messages
Date: Tue, 19 Aug 2014 09:38:21 -0700 [thread overview]
Message-ID: <CAAS2fgTF6424+FfzaL=+iaio2zu_uM_74yKohi7T3dtz=J9CjA@mail.gmail.com> (raw)
In-Reply-To: <53F37635.5070807@riseup.net>
On Tue, Aug 19, 2014 at 9:07 AM, Justus Ranvier
<justusranvier@riseup.net> wrote:
> If that's not acceptable, even using TLS with self-signed certificates
> would be an improvement.
TLS is a huge complex attack surface, any use of it requires an
additional dependency with a large amount of difficult to audit code.
TLS is trivially DOS attacked and every major/widely used TLS
implementation has had multiple memory disclosure or remote execution
vulnerabilities even in just the last several years.
We've dodged several emergency scale vulnerabilities by not having TLS.
next prev parent reply other threads:[~2014-08-19 16:38 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <CA+8=xuJ+YDTNjyDW7DvP8KPN_nrFWpE68HvLw6EokFa-B-QGKw@mail.gmail.com>
2014-08-19 9:49 ` [Bitcoin-development] Proposal: Encrypt bitcoin messages Raúl Martínez
[not found] ` <0C0EF7F9-DBBA-4872-897D-63CFA3853726@ricmoo.com>
2014-08-19 15:11 ` Raúl Martínez
2014-08-19 15:30 ` Richard Moore
2014-08-19 16:07 ` Justus Ranvier
2014-08-19 16:38 ` Gregory Maxwell [this message]
2014-08-19 16:58 ` Angel Leon
2014-08-19 17:19 ` Christophe Biocca
2014-08-19 17:35 ` Johnathan Corgan
2014-08-19 23:38 ` J Ross Nicoll
2014-08-19 23:39 ` Justus Ranvier
2014-08-19 23:54 ` Gregory Maxwell
2014-08-19 23:40 ` Jeff Garzik
2014-08-20 0:16 ` Peter Todd
2014-08-20 0:21 ` Jeff Garzik
2014-08-20 0:41 ` Peter Todd
2014-08-20 0:59 ` William Yager
2014-08-20 1:14 ` Peter Todd
2014-08-20 1:19 ` William Yager
2014-08-20 1:27 ` Peter Todd
2014-08-20 0:49 ` Justus Ranvier
2014-08-20 0:57 ` Peter Todd
2014-08-23 16:17 ` xor
2014-08-23 16:50 ` Justus Ranvier
2014-08-23 17:50 ` Troy Benjegerdes
2014-08-23 18:22 ` William Yager
2014-08-23 18:44 ` Mike Hearn
2014-08-23 19:02 ` Luke Dashjr
2014-08-23 22:51 ` Peter Todd
[not found] <c45a638f1e1640fe84bef01d12cda4c3@hotmail.com>
2014-08-20 3:23 ` Un Ix
2014-08-20 5:40 ` Cameron Garnham
2014-08-20 14:37 ` Mike Hearn
2014-08-23 6:39 ` Troy Benjegerdes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAAS2fgTF6424+FfzaL=+iaio2zu_uM_74yKohi7T3dtz=J9CjA@mail.gmail.com' \
--to=gmaxwell@gmail.com \
--cc=bitcoin-development@lists.sourceforge.net \
--cc=justusranvier@riseup.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox