Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id DFAE8A58 for ; Thu, 30 Jun 2016 19:06:18 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from outmail148109.authsmtp.co.uk (outmail148109.authsmtp.co.uk [62.13.148.109]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 9E39F13A for ; Thu, 30 Jun 2016 19:06:17 +0000 (UTC) Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232]) by punt22.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5UJ6Grg004518; Thu, 30 Jun 2016 20:06:16 +0100 (BST) Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id u5UJ6Dvw036040 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 30 Jun 2016 20:06:14 +0100 (BST) Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id BFB4D4010C; Thu, 30 Jun 2016 19:04:01 +0000 (UTC) Received: by localhost (Postfix, from userid 1000) id 2DE6A2056F; Thu, 30 Jun 2016 15:06:13 -0400 (EDT) Date: Thu, 30 Jun 2016 15:06:13 -0400 From: Peter Todd To: Eric Voskuil Message-ID: <20160630190613.GA6758@fedora-21-dvm> References: <577234A4.3030808@jonasschnelli.ch> <360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org> <20160629111728.GO13338@dosf1.alfie.wtf> <2981A919-4550-4807-8ED9-F8C51B2DC061@voskuil.org> <57750EAB.3020105@jonasschnelli.ch> <426C2AA3-BFB8-4C41-B4DF-4D6CC11988B2@voskuil.org> <577513DB.60101@jonasschnelli.ch> <20160630165227.GA5816@fedora-21-dvm> <663B51FE-D8D5-4570-ACA6-D1405D98C773@voskuil.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="yrj/dFKFPuw6o+aM" Content-Disposition: inline In-Reply-To: <663B51FE-D8D5-4570-ACA6-D1405D98C773@voskuil.org> User-Agent: Mutt/1.5.23 (2014-03-12) X-Server-Quench: b7a4c32d-3ef5-11e6-829e-00151795d556 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdQIUEkAaAgsB AmAbWVReUFt7WGY7 bghPaBtcak9QXgdq T0pMXVMcUQANexp1 QFkeUR9ycwUIeX53 YU8sDHcKWBd5dxJg QRsCEHAHZDJmdWgd WRVFdwNVdQJNdxoR b1V5GhFYa3VsNCMk FAgyOXU9MCtqYA50 eklUcAt6 X-Authentic-SMTP: 61633532353630.1037:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 52.5.185.120/25 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] BIP 151 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jun 2016 19:06:19 -0000 --yrj/dFKFPuw6o+aM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jun 30, 2016 at 08:25:45PM +0200, Eric Voskuil wrote: > > To be clear, are you against Bitcoin Core's tor support? > >=20 > > Because node-to-node connections over tor are encrypted, and make use o= f onion > > addresses, which are self-authenticated in the exact same way as BIP151= proposes. >=20 > BIP151 is self-admittedly insufficient to protect against a MITM attack. = It proposes node identity to close this hole (future BIP required). The yet= -to-be-specified requirement for node identity is the basis of my primary c= oncern. This is not self-authentication. >=20 > > And we're shipping that in production as of 0.12.0, and by default Tor = onion support is enabled and will be automatically setup if you have a rece= nt version of Tor installed. > >=20 > > Does that "create pressure to expand node identity"? >=20 > The orthogonal question of whether Tor is safe for use with the Bitcoin P= 2P protocol is a matter of existing research. I don't think you answered my question. Again, we _already have_ the equivalent of BIP151 functionality in Bitcoin Core, shipping in production, but implemented with a Tor dependency. BIP151 removes that dependency on Tor, enabling encrypted connections regardless of whether or not you have Tor installed. So any arguments against BIP151 being implemented, are equally arguments against our existing Tor onion support. Are you against that support? Becau= se if you aren't, you can't have any objections to BIP151 being implemented either. --=20 https://petertodd.org 'peter'[:-1]@petertodd.org --yrj/dFKFPuw6o+aM Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQEcBAEBCAAGBQJXdW2iAAoJEGOZARBE6K+y0b4H/Ate3MT9sQPjK+e/H8zWs1pr Pkrll3ppDjkiz2VoABJ9hIw8jR0GoZkeXsO2RYNcI1u9M7MDScNO5+TK87815TKX 2xVIE9tkOLix6xndbtbnw+2cbwmz2IatLQQ7MHzoj9W5Qa0gYSouX6i3eq9+7emm JR2RQd3w6g6hGZC41UdlUMrBx5eUdn8gxPFgt+Z5tdJpF0V94k4HotGgXikDl01r DGxGpO0ob6MlrsCDYi9VMbkPPkxSLrJfRCIkfnl8/DrcWoUWaFfK3LLx3845J4bs AFdbZpw01joRbRJNkEo8ipC96EVjMjxC5v67yYjcX/+dkCiKMbIvxWXaMq7h5j8= =nAS8 -----END PGP SIGNATURE----- --yrj/dFKFPuw6o+aM--