From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WcUHl-00009x-3V for bitcoin-development@lists.sourceforge.net; Tue, 22 Apr 2014 06:34:29 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.216.52 as permitted sender) client-ip=209.85.216.52; envelope-from=jan.moller@gmail.com; helo=mail-qa0-f52.google.com; Received: from mail-qa0-f52.google.com ([209.85.216.52]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1WcUHk-0007Qi-AC for bitcoin-development@lists.sourceforge.net; Tue, 22 Apr 2014 06:34:29 +0000 Received: by mail-qa0-f52.google.com with SMTP id ih12so623128qab.39 for ; Mon, 21 Apr 2014 23:34:22 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.224.6.10 with SMTP id 10mr14820092qax.45.1398148462845; Mon, 21 Apr 2014 23:34:22 -0700 (PDT) Received: by 10.140.24.201 with HTTP; Mon, 21 Apr 2014 23:34:22 -0700 (PDT) In-Reply-To: References: Date: Tue, 22 Apr 2014 08:34:22 +0200 Message-ID: From: =?UTF-8?Q?Jan_M=C3=B8ller?= To: Bitcoin Dev Content-Type: multipart/alternative; boundary=001a11c2b99478c14604f79bceea X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (jan.moller[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1WcUHk-0007Qi-AC Subject: Re: [Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list Reply-To: jan.moller@gmail.com List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Apr 2014 06:34:29 -0000 --001a11c2b99478c14604f79bceea Content-Type: text/plain; charset=UTF-8 The reason why client side certificates have never gained traction because it is a pain to safely store/backup secrets. In bitcoinland we are forced to solve the problem of safely storing secrets, and over the years we have come up with software and hardware solutions to make this safer and easier to manage for ordinary people. Solving this is paramount to the success of Bitcoin, and nobody has solved it before on a grand scale. I see no reason for forcing end users to use two different mechanisms for safely managing secrets. I agree that using a bitcoin address for authentication purposes might be confusing and potentially linking your funds with your identity. So I am all for using something else than bitcoin addresses and bitcoin private keys. With bip32 we have finally agreed on a mechanism for generating a hierarchy of bitcoin private keys from a master seed. A similar approach can be used for generating a parallel hierarchy for authentication purposes. - Jan --001a11c2b99478c14604f79bceea Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
The reason why client side certificates have never ga= ined traction because it is a pain to safely store/backup secrets.
In bitcoinland we are forced to solve the problem of safely storing secre= ts, and over the years we have come up with software and hardware solutions= to make this safer and easier to manage for ordinary people. Solving this = is paramount to the success of Bitcoin, and nobody has solved it before on = a grand scale.=C2=A0

I see no reason for forcing end users to use two differ= ent mechanisms for safely managing secrets.

I agre= e that using a bitcoin address for authentication purposes might be confusi= ng and potentially linking your funds with your identity. So I am all for u= sing something else than bitcoin addresses and bitcoin private keys.

With bip32 we have finally agreed on a mechanism = for generating a hierarchy of bitcoin private keys from a master seed. A si= milar approach can be used for generating a parallel hierarchy for authenti= cation purposes.=C2=A0

- Jan


--001a11c2b99478c14604f79bceea--