On Wed, Sep 25, 2013 at 1:33 PM, Andreas Schildbach <andreas@schildbach.de> wrote:
Why do you think that? Of course, I would skip the certificate, as its
unnecessary if you see your partner in person.

OK, it might fit if you don't use any of the features the protocol provides :) You can try it here:

https://bitcoincore.org/~gavin/createpaymentrequest.php
 
HTTPS trust is utterly broken unless you fix it by adding the
certificate or a fingerprint to the QR code.

It's not "utterly broken", that's over-dramatic. It's just the best that can be done with todays technology. I wrote about the SSL PKI and how it's being upgraded here:

https://bitcointalk.org/index.php?topic=300809.0

If you're thinking about governments and so on subverting CA's, then there is a plan for handling that (outside the Bitcoin world) called certificate transparency which is being implemented now.

Now when you are getting a QR code from the web, it's already being served over HTTPS. So if you're up against an attacker who can break a CA in order to steal your money, then you already lose, the QRcode itself as MITMd.

In the Bluetooth case we might have to keep the address around and use it to do ECDHE or something like that. The current BT support doesn't need that because it's just blasting out a tx, the entire protocol is write only. Once it's reading data as well then it'll need a custom security layer.