Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WFsP2-0003G9-WD for bitcoin-development@lists.sourceforge.net; Tue, 18 Feb 2014 21:40:33 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of m.gmane.org designates 80.91.229.3 as permitted sender) client-ip=80.91.229.3; envelope-from=gcbd-bitcoin-development@m.gmane.org; helo=plane.gmane.org; Received: from plane.gmane.org ([80.91.229.3]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1WFsP0-0004Uu-Lo for bitcoin-development@lists.sourceforge.net; Tue, 18 Feb 2014 21:40:32 +0000 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1WFsOt-0006Ni-5k for bitcoin-development@lists.sourceforge.net; Tue, 18 Feb 2014 22:40:23 +0100 Received: from f052085125.adsl.alicedsl.de ([78.52.85.125]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 18 Feb 2014 22:40:23 +0100 Received: from andreas by f052085125.adsl.alicedsl.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 18 Feb 2014 22:40:23 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: bitcoin-development@lists.sourceforge.net From: Andreas Schildbach Date: Tue, 18 Feb 2014 22:40:13 +0100 Message-ID: References: <5303B110.70603@bitpay.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: f052085125.adsl.alicedsl.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 In-Reply-To: <5303B110.70603@bitpay.com> X-Spam-Score: -1.0 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [80.91.229.3 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 1.1 DKIM_ADSP_ALL No valid author signature, domain signs all mail -0.0 SPF_PASS SPF: sender matches SPF record -0.6 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-Headers-End: 1WFsP0-0004Uu-Lo Subject: Re: [Bitcoin-development] BIP70 proposed changes X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Feb 2014 21:40:33 -0000 On 02/18/2014 08:14 PM, Ryan X. Charles wrote: > The most important missing piece of the payment protocol is that is has > no concept of the status of a payment after it has been made. What if > the payment is too little? Too much? What if it is never confirmed? What > if it is confirmed, but very late? These are regular occurrences at > BitPay (although hopefully they will be a lot fewer after the payment > protocol is widely adopted). I would like to understand why this happens at BitPay? If this is because people use cut and paste to copy the address and then type the amount by hand... well this kind of usage will go away. A program (like an app) should be capable of paying the exact amount. If not, that's a bug of the app not the protocol. > On an unrelated note, X.509 is a terrible standard that should be > abandoned as quickly as possible. +1 > BitPay is working on a new standard > based on bitcoin-like addresses for authentication. It would be great if > we could work with the community to establish a complete, decentralized > authentication protocol. Sounds interesting, let us know as soon as you have anything. >> - certificate chain in pki_data: I think it should be required that is >> most contain the first certificate PLUS all intermediate certificates >> (if any), but NOT the root certificate. Reason: We want to be able to >> verify offline. > > So long as the root certificate remains an optional addition, this seems > like a good idea. In which case does it make sense to duplicate the root cert? I'm asking because it should already be present in the trusted root store, right? Maybe can you tell about which measures you needed to take to get X.509 working? To me it felt there very several problems. > My experience with tls in node is that it is required TLS? We're not using that for pki_data -- its just a byte array. >> - definition of timezone: Its not clear if times (e.g. expires) are in >> UTC or local. I suggest to require UTC. If if we can't agree on this, >> there should be a sentence about timezones in the spec. > > The world needs to abandon timezones altogether for everything and only > use UTC. So, agreed. Require UTC. --> https://github.com/bitcoin/bips/pull/20