From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WTa8l-0005Xt-G8 for bitcoin-development@lists.sourceforge.net; Fri, 28 Mar 2014 17:00:23 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of m.gmane.org designates 80.91.229.3 as permitted sender) client-ip=80.91.229.3; envelope-from=gcbd-bitcoin-development@m.gmane.org; helo=plane.gmane.org; Received: from plane.gmane.org ([80.91.229.3]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1WTa8e-00089h-1f for bitcoin-development@lists.sourceforge.net; Fri, 28 Mar 2014 17:00:23 +0000 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1WTa8W-0001Rd-GN for bitcoin-development@lists.sourceforge.net; Fri, 28 Mar 2014 18:00:08 +0100 Received: from f052145073.adsl.alicedsl.de ([78.52.145.73]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 28 Mar 2014 18:00:08 +0100 Received: from andreas by f052145073.adsl.alicedsl.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Fri, 28 Mar 2014 18:00:08 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: bitcoin-development@lists.sourceforge.net From: Andreas Schildbach Date: Fri, 28 Mar 2014 17:59:52 +0100 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: f052145073.adsl.alicedsl.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.4.0 In-Reply-To: X-Enigmail-Version: 1.5.2 X-Spam-Score: -0.8 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [80.91.229.3 listed in list.dnswl.org] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 1.1 DKIM_ADSP_ALL No valid author signature, domain signs all mail -0.0 SPF_PASS SPF: sender matches SPF record -0.4 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-Headers-End: 1WTa8e-00089h-1f Subject: Re: [Bitcoin-development] BIP 70 refund field X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2014 17:00:23 -0000 Ok, why don't fix this in the spec for now, by defining a fixed expiry time. In the EU, most products are covered by a 2 years warranty, so it seems appropriate to pick 2.5 years (30 months) -- allowing for some time to ship the product back and forth. On 03/28/2014 12:31 PM, Mike Hearn wrote: > On Fri, Mar 28, 2014 at 12:25 PM, Andreas Schildbach > > wrote: > > However, I don't see how PaymentDetails can be an answer. None of the > fields (other than outputs and network) can be known in advance (at the > time of the initial payment). > > > You don't need all the fields indeed, but they're mostly optional > (except time). So for the refund you'd fill out: > > outputs (same as today) > time > expiry_time > > You're probably aiming for an expires field? How would you refund a > payment after expiry? > > > It'd have to be ad-hoc at that point. OK, you don't get the nice UI that > the refund field provides. Oh well. It should be rare to get refunds > very very late after the purchase. > > > Btw. another problem is that the refund address is currently > unprotected. > > > Yes indeed as is the rest of the Payment structure. We talked about > signing it with one of the keys that's signing the Bitcoin transaction > as well. But it seems like a bit overkill. Usually it'll be submitted > over HTTPS or a (secured!) Bluetooth channel though so tampering with it > should not be possible. > > However this does raise the question of whether a refund should be a > full blown PaymentRequest with optional PKI signing. Normally, I think, > a seller does not know or care about the identity of a buyer for > refunds, outside of their own tracking system. > > > ------------------------------------------------------------------------------ > > > > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development >