public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Mike Hearn <mike@plan99.net>
To: Andreas Schildbach <andreas@schildbach.de>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] BIP72 amendment proposal
Date: Fri, 12 Sep 2014 17:36:18 +0200	[thread overview]
Message-ID: <CANEZrP1r3sObKjxz3KAtOBGOeCOOsJP0RszfgN3mUAVCT4gbSA@mail.gmail.com> (raw)
In-Reply-To: <luv0dp$qms$1@ger.gmane.org>

[-- Attachment #1: Type: text/plain, Size: 1470 bytes --]

Your example doesn't have an address in it at all, so isn't compatible with
non-BIP70 wallets. Maybe for QRcodes specifically there are no longer any
such wallets out there. For clickable links it can still be an issue.


> I thought SHA1 has a bad reputation these days, and we don't save much
> by using it. I don't know anything about Murmur. MD5 is clearly broken.
> What hash function would you recommend?
>

Can just truncate SHA256, I think.


> It is. People can't check names. People don't want to check names.
>

Their wallet checks the name, though. It sees:

bitcoin:1AbCd?r=https://bitpay.com/r/12345

and the wallet verifies that the presented certificate is for CN=bitpay.com


> People can't get certificates for lots of reasons. X.509 is centralized.
> X.509 has had serious security issues in the past. And shit continues to
> happen.
>

Well, I wrote an article that argues with this PoV:

https://medium.com/@octskyward/why-you-think-the-pki-sucks-b64cf5912aa7

No disagreement that it's a more complex mechanism. But seeing as we end up
depending on it anyway the moment you load any kind of web page to find out
the URI, adding another mechanism only increases complexity, it doesn't
remove any.

Sure. But signing is harder than just calculating a hash.


Well, again, it saves qrcode bytes. You don't have to include a dedicated
hash. The existing address hash can double up as both a backwards
compatibility measure, and also an auth mechanism.

[-- Attachment #2: Type: text/html, Size: 2722 bytes --]

  parent reply	other threads:[~2014-09-12 15:36 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <mailman.341412.1410515709.2178.bitcoin-development@lists.sourceforge.net>
2014-09-12 10:11 ` [Bitcoin-development] BIP72 amendment proposal Mark van Cuijk
2014-09-12 11:07   ` Andreas Schildbach
2014-09-12 13:49     ` Mike Hearn
2014-09-12 14:15       ` Jeff Garzik
2014-09-12 14:36       ` Andreas Schildbach
2014-09-12 15:25         ` Christophe Biocca
2014-09-12 15:33           ` Christophe Biocca
2014-09-12 15:37             ` Mike Hearn
2014-09-12 16:31               ` Mike Hearn
2014-09-12 18:43                 ` Aaron Voisine
2014-09-15  7:43                   ` Andreas Schildbach
2014-09-15  7:12                 ` Andreas Schildbach
2014-09-12 15:36         ` Mike Hearn [this message]
     [not found] <mailman.342174.1410547421.2163.bitcoin-development@lists.sourceforge.net>
2014-09-12 20:59 ` Mark van Cuijk
2014-09-13  8:53   ` Wladimir
2014-09-12  9:29 Andreas Schildbach
2014-09-12  9:55 ` Wladimir

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CANEZrP1r3sObKjxz3KAtOBGOeCOOsJP0RszfgN3mUAVCT4gbSA@mail.gmail.com \
    --to=mike@plan99.net \
    --cc=andreas@schildbach.de \
    --cc=bitcoin-development@lists.sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox