From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Td7uL-00059C-Gc for bitcoin-development@lists.sourceforge.net; Mon, 26 Nov 2012 23:16:09 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.219.47 as permitted sender) client-ip=209.85.219.47; envelope-from=mh.in.england@gmail.com; helo=mail-oa0-f47.google.com; Received: from mail-oa0-f47.google.com ([209.85.219.47]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Td7uK-0005M0-Pd for bitcoin-development@lists.sourceforge.net; Mon, 26 Nov 2012 23:16:09 +0000 Received: by mail-oa0-f47.google.com with SMTP id h1so12456660oag.34 for ; Mon, 26 Nov 2012 15:16:03 -0800 (PST) MIME-Version: 1.0 Received: by 10.60.29.70 with SMTP id i6mr11076296oeh.38.1353971763469; Mon, 26 Nov 2012 15:16:03 -0800 (PST) Sender: mh.in.england@gmail.com Received: by 10.76.128.139 with HTTP; Mon, 26 Nov 2012 15:16:03 -0800 (PST) In-Reply-To: <201211262313.44463.luke@dashjr.org> References: <201211262313.44463.luke@dashjr.org> Date: Tue, 27 Nov 2012 00:16:03 +0100 X-Google-Sender-Auth: If-kLyTEW54CUXRrgatZv3-t17c Message-ID: From: Mike Hearn To: Luke-Jr Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.1 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.4 AWL AWL: From: address is in the auto white-list X-Headers-End: 1Td7uK-0005M0-Pd Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Payment Protocol Proposal: Invoices/Payments/Receipts X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Nov 2012 23:16:09 -0000 They could be included as well of course, but from a seller perspective the most important thing is consistency. You have to be able to predict what CAs the user has, otherwise your invoice would appear in the UI as unverified and is subject to manipulation by viruses, etc. So using the OS cert store would effectively restrict merchants to the intersection of what ships in all the operating systems their users use, which could be unnecessarily restrictive. As far as I know, every browser has its own cert store for that reason.