Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1VLurq-0002TN-9J for bitcoin-development@lists.sourceforge.net; Tue, 17 Sep 2013 12:58:58 +0000 X-ACL-Warn: Received: from mail-la0-f46.google.com ([209.85.215.46]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1VLurm-0002mt-Iy for bitcoin-development@lists.sourceforge.net; Tue, 17 Sep 2013 12:58:58 +0000 Received: by mail-la0-f46.google.com with SMTP id eh20so4292664lab.33 for ; Tue, 17 Sep 2013 05:58:47 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:sender:subject:mime-version:content-type:from :in-reply-to:date:cc:content-transfer-encoding:message-id:references :to; bh=HCkx9V1n4xlNYXgJII/hCV9F3+Ne0z7LxfEhAmgQ1rw=; b=E9i1ksLTSGWTdI1JBhFxYQFpxdzDbfg5Yz8gLVeW4ZHGggrqProYFZPO2txCx0obcm wJTWBOGFe906wMoIITO0gQNNhgaxlxN7+QHD4134261hW5x+xTRLyAzlz2udR1pUDpZX 9SLBDjzds3gLCjg25sSa7QIuGlrwsRJuqbOIdiwzIZ/n0zWfMbbYlWNesoG/fUcdzAZb ZMjnMCveRUHGqVxpcgM7AUF8rC0PCPpgmoCYQlrPW0TopXGVLswTR2jIEgcbmIkkvtDN 6E2ahq+vWypnqd0BBU7yp8Cyk06/Nb+gg/t+T2Po7hOJ9xM/nwlbqA1Q7Z+nGsNVNjJn e7ng== X-Gm-Message-State: ALoCoQnnRXHfmyo40+xmEue56Mg0hnho8BAr1OKEN3+bgpDWP2x+2cipep71voX8ziEtGTjuGqj2 X-Received: by 10.112.172.137 with SMTP id bc9mr29925024lbc.21.1379421100410; Tue, 17 Sep 2013 05:31:40 -0700 (PDT) Received: from [127.0.0.1] (herngaard.torservers.net. [96.44.189.102]) by mx.google.com with ESMTPSA id b6sm14300169lae.0.1969.12.31.16.00.00 (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 17 Sep 2013 05:31:38 -0700 (PDT) Sender: Wendell Mime-Version: 1.0 (Apple Message framework v1283) Content-Type: text/plain; charset=us-ascii From: Wendell In-Reply-To: Date: Tue, 17 Sep 2013 14:05:30 +0200 Content-Transfer-Encoding: quoted-printable Message-Id: <2BC93E25-27D2-474E-842D-6684E96E9472@grabhive.com> References: <9179D240-EE7E-41A4-AA59-7C96246D8CFB@grabhive.com> <82E79EB0-49D6-492A-AE4A-6A786C7B0AAA@grabhive.com> <3B80F433-9039-459B-BC96-A56786DEF6C3@grabhive.com> To: Mike Hearn X-Mailer: Apple Mail (2.1283) X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. X-Headers-End: 1VLurm-0002mt-Iy Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Simple contacts exchange (was: Social network integration (brainstorm)) X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Sep 2013 12:58:58 -0000 Thanks Mike. I definitely took all your comments to heart, but we're looking to = road-test something quickly for the sake of user experience in our own = wallet. I wouldn't mind us contributing to a BIP once we have a better = grip on the payment protocol itself, but (for example) I'm still not = sure that I understand _why_ signed certificates are even required. = Isn't that likely be an obstacle to adoption for use cases like this? -wendell grabhive.com | twitter.com/grabhive | gpg: 6C0C9411 On Sep 17, 2013, at 12:03 PM, Mike Hearn wrote: > You can prove ownership of a private key by signing a = challenger-generated nonce with the public part and giving the signature = back to the challenger - same as with any asymmetric crypto system. >=20 > As I already noted, the payment protocol is designed to solve that = problem. You could design a BIP that extended the payment protocol to = include information about the person who generated it. >=20 >> On Tue, Sep 17, 2013 at 11:30 AM, Wendell wrote: >> Couple of things I just thought about: >>=20 >> 1- Presume server should only sweep with two (or more, see below) = revocation certificates being present >> 2- Need to insert something in the flow so that Alice can verify that = the uploaded key is actually Bob's (and perhaps vise-versa, given an = extremely dedicated attacker with a fast connection?). >>=20 >> Is there a way to do #2 without creating yet another transaction? = Admittedly I am still really puzzled about the accessibility of public = keys in Bitcoin! >>=20 >> Please remember that the idea is to have two wallets securely = exchange a packet of metadata about a transaction beyond the scope of = Bitcoin itself (a name, perhaps a small photo, etc) in order to increase = usability. This will be my last post here on the topic except to reply = in case anyone else contributes. >>=20 >> -wendell >>=20 >> grabhive.com | twitter.com/grabhive | gpg: 6C0C9411