From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YJTGY-00047m-RR for bitcoin-development@lists.sourceforge.net; Thu, 05 Feb 2015 20:43:10 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 74.125.82.181 as permitted sender) client-ip=74.125.82.181; envelope-from=mh.in.england@gmail.com; helo=mail-we0-f181.google.com; Received: from mail-we0-f181.google.com ([74.125.82.181]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YJTGX-0004Sf-Mc for bitcoin-development@lists.sourceforge.net; Thu, 05 Feb 2015 20:43:10 +0000 Received: by mail-we0-f181.google.com with SMTP id k48so9851110wev.12 for ; Thu, 05 Feb 2015 12:43:03 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.180.107.164 with SMTP id hd4mr20080wib.7.1423168983708; Thu, 05 Feb 2015 12:43:03 -0800 (PST) Sender: mh.in.england@gmail.com Received: by 10.194.188.11 with HTTP; Thu, 5 Feb 2015 12:43:03 -0800 (PST) In-Reply-To: References: Date: Thu, 5 Feb 2015 21:43:03 +0100 X-Google-Sender-Auth: Z16KszGhKIpBYFACV4W7hvxT1sA Message-ID: From: Mike Hearn To: Paul Puey Content-Type: multipart/alternative; boundary=e89a8f3ba085baba86050e5d5934 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1YJTGX-0004Sf-Mc Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Proposal for P2P Wireless (Bluetooth LE) transfer of Payment URI X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2015 20:43:10 -0000 --e89a8f3ba085baba86050e5d5934 Content-Type: text/plain; charset=UTF-8 > > Even if a user could get the BIP70 URL in the URI, they would still need > internet to access the URL. > The way Bitcoin Wallet does it, the bitcoin URI includes a MAC address where you can download the request from. BIP70 does not depend on internet access or HTTP, plus, you don't have to sign them. The name field might work but requires the merchant to set it, e.g. by asking the payer what their name is, then typing it in, then the payer has to wait for it to show up. By this point it's probably faster to have scanned a QR code. Re: security. I'll repeat what I wrote up-thread in case you didn't see it: it's not clear to me at all that this partial address scheme is actually > secure. The assumption appears to be that the MITM must match the address > prefix generated by the genuine merchant. But if they can do a wireless > MITM they can just substitute their own address prefix/partial address, no? > > To avoid MITM attacks the sender must know who they are sending money to, > and that means they must see a human understandable name that's > cryptographically bound to the right public key. Displaying partial > addresses to the user is not going to solve this unless users manually > compare key prefixes across the screens.... which is even less convenient > than a QR code. > --e89a8f3ba085baba86050e5d5934 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Even if a user could get the BIP70 URL in the URI, they would still ne= ed internet to access the URL.

The way Bitcoin Wallet does it, the bitcoin URI includes a MAC addr= ess where you can download the request from. BIP70 does not depend on inter= net access or HTTP, plus, you don't have to sign them.

The name field might work but requires the merchant to set it, e.g= . by asking the payer what their name is, then typing it in, then the payer= has to wait for it to show up. By this point it's probably faster to h= ave scanned a QR code.

Re: security. I'll repe= at what I wrote up-thread in case you didn't see it:

it's not= clear to me at all that this partial address scheme is actually secure. Th= e assumption appears to be that the MITM must match the address prefix gene= rated by the genuine merchant. But if they can do a wireless MITM they can = just substitute their own address prefix/partial address, no?=C2=A0

To avoid MITM attacks the sender must know who they ar= e sending money to, and that means they must see a human understandable nam= e that's cryptographically bound to the right public key. Displaying pa= rtial addresses to the user is not going to solve this unless users manuall= y compare key prefixes across the screens.... which is even less convenient= than a QR code.
--e89a8f3ba085baba86050e5d5934--