public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Mike Hearn <mike@plan99.net>
To: "Emin Gün Sirer" <el33th4x0r@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Virtual Notary.
Date: Mon, 25 May 2015 20:07:09 +0200	[thread overview]
Message-ID: <CANEZrP2BChNrX-GKse82CtjeMe2Trt8CfaZDyvH2b85EGF+FeQ@mail.gmail.com> (raw)
In-Reply-To: <CAPkFh0tWykVJU-9mCTR95eqUF0B5TO-ZO7B3L0wf_QYAmAuuBA@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 966 bytes --]

Very nice Emin! This could be very useful as a building block for oracle
based services. If only there were opcodes for working with X.509 ;)

I'd suggest at least documenting in the FAQ how to extract the data from
the certificate:

openssl pkcs12 -in virtual-notary-cert-stocks-16070.p12 -nodes -passin
pass:"" | openssl x509 -text|less

That's good enough to get started, but I note two issues:


   1. X.509 is kind of annoying to work with: example code in popular
   languages/frameworks to extract the statement would be useful.

   2. The stock price plugin, at least, embeds the data as text inside the
   X.509 certificate. That's also not terribly developer friendly and risks
   parsing errors undermining security schemes built on it.

   The way I'd solve this is to embed either a protocol buffer or DER
   encoded structure inside the extension, so developers can extract the
   notarised data directly, without needing to do any additional parsing.

[-- Attachment #2: Type: text/html, Size: 1240 bytes --]

  parent reply	other threads:[~2015-05-25 18:07 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-05-20 10:25 [Bitcoin-development] Virtual Notary Emin Gün Sirer
2015-05-20 15:54 ` Jeff Garzik
2015-05-25 18:07 ` Mike Hearn [this message]
2015-05-22  9:00 Jonas Schnelli
2015-05-23  1:46 ` Ben Vulpes

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CANEZrP2BChNrX-GKse82CtjeMe2Trt8CfaZDyvH2b85EGF+FeQ@mail.gmail.com \
    --to=mike@plan99.net \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=el33th4x0r@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox