From: Andreas Schildbach <andreas@schildbach.de>
To: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] BIP70 proposed changes
Date: Tue, 18 Feb 2014 22:40:13 +0100 [thread overview]
Message-ID: <le0jvf$i7d$1@ger.gmane.org> (raw)
In-Reply-To: <5303B110.70603@bitpay.com>
On 02/18/2014 08:14 PM, Ryan X. Charles wrote:
> The most important missing piece of the payment protocol is that is has
> no concept of the status of a payment after it has been made. What if
> the payment is too little? Too much? What if it is never confirmed? What
> if it is confirmed, but very late? These are regular occurrences at
> BitPay (although hopefully they will be a lot fewer after the payment
> protocol is widely adopted).
I would like to understand why this happens at BitPay? If this is
because people use cut and paste to copy the address and then type the
amount by hand... well this kind of usage will go away.
A program (like an app) should be capable of paying the exact amount. If
not, that's a bug of the app not the protocol.
> On an unrelated note, X.509 is a terrible standard that should be
> abandoned as quickly as possible.
+1
> BitPay is working on a new standard
> based on bitcoin-like addresses for authentication. It would be great if
> we could work with the community to establish a complete, decentralized
> authentication protocol.
Sounds interesting, let us know as soon as you have anything.
>> - certificate chain in pki_data: I think it should be required that is
>> most contain the first certificate PLUS all intermediate certificates
>> (if any), but NOT the root certificate. Reason: We want to be able to
>> verify offline.
>
> So long as the root certificate remains an optional addition, this seems
> like a good idea.
In which case does it make sense to duplicate the root cert? I'm asking
because it should already be present in the trusted root store, right?
Maybe can you tell about which measures you needed to take to get X.509
working? To me it felt there very several problems.
> My experience with tls in node is that it is required
TLS? We're not using that for pki_data -- its just a byte array.
>> - definition of timezone: Its not clear if times (e.g. expires) are in
>> UTC or local. I suggest to require UTC. If if we can't agree on this,
>> there should be a sentence about timezones in the spec.
>
> The world needs to abandon timezones altogether for everything and only
> use UTC. So, agreed. Require UTC.
--> https://github.com/bitcoin/bips/pull/20
next prev parent reply other threads:[~2014-02-18 21:40 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-02-18 17:31 [Bitcoin-development] BIP70 proposed changes Andreas Schildbach
2014-02-18 19:14 ` Ryan X. Charles
2014-02-18 20:15 ` Gavin Andresen
2014-02-18 21:40 ` Andreas Schildbach [this message]
2014-02-19 14:10 ` Jeff Garzik
2014-02-19 16:44 ` Mike Hearn
2014-05-06 2:35 ` Odinn Cyberguerrilla
2014-05-06 8:22 ` Alon Muroch
2014-02-18 21:47 ` Peter Todd
2014-02-18 23:41 ` Bernd Jendrissek
2014-02-18 22:02 ` Derber
2014-02-21 15:34 ` Mike Hearn
2014-03-05 10:18 ` Mike Hearn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='le0jvf$i7d$1@ger.gmane.org' \
--to=andreas@schildbach.de \
--cc=bitcoin-development@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox