From: Mike Hearn
To: "Ryan X. Charles"
Cc: Bitcoin Dev
Date: Wed, 5 Mar 2014 11:18:41 +0100
Subject: Re: [Bitcoin-development] BIP70 proposed changes

> On an unrelated note, X.509 is a terrible standard that should be
> abandoned as quickly as possible. BitPay is working on a new standard
> based on bitcoin-like addresses for authentication. It would be great if
> we could work with the community to establish a complete, decentralized
> authentication protocol. The sooner we can evolve beyond X.509 the better.

Because this is such a common sentiment, I wrote a couple of articles on the matter.

The first is about why BIP 70 uses the SSL PKI and an examination of the most commonly proposed alternative ideas:

https://medium.com/p/b64cf5912aa7

... including the web of trust, using bitcoin addresses/the block chain, allowing multiple certs, trust-on-first-use and (for SSL only) perspectives/convergence.

The second is a summary of some of the most famous crypto-usability research papers published in the past 10-15 years. They cover SSL and PGP. If you're interested in designing alternatives, reading these papers would be a good place to start:

https://medium.com/p/d04ea6a2c771

There's a book from O'Reilly called Security & Usability that contains 34 papers and essays. It's very good:

http://shop.oreilly.com/product/9780596008277.do