Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1V1epM-0005Dp-Hr for bitcoin-development@lists.sourceforge.net; Tue, 23 Jul 2013 15:48:40 +0000 X-ACL-Warn: Received: from out1-smtp.messagingengine.com ([66.111.4.25]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1V1epK-0001jf-PC for bitcoin-development@lists.sourceforge.net; Tue, 23 Jul 2013 15:48:40 +0000 Received: from compute4.internal (compute4.nyi.mail.srv.osa [10.202.2.44]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id 5FCC221665 for ; Tue, 23 Jul 2013 11:48:23 -0400 (EDT) Received: from frontend1 ([10.202.2.160]) by compute4.internal (MEProxy); Tue, 23 Jul 2013 11:48:23 -0400 X-Sasl-enc: mmudjaSsdgge7PcTcB4xa0xcT467yIXYn72PTAKD4CQw 1374594503 Received: from mail-vc0-f171.google.com (unknown [209.85.220.171]) by mail.messagingengine.com (Postfix) with ESMTPA id 32ED1C00E89 for ; Tue, 23 Jul 2013 11:48:23 -0400 (EDT) Received: by mail-vc0-f171.google.com with SMTP id ij15so1335376vcb.16 for ; Tue, 23 Jul 2013 08:48:22 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=QHo0BntKbBxxAvfrrBxhJ0Q70PUO9Egb10Bm+jp9T5c=; b=GR11f2jETHlgYmDLmmC0DJpmQt92tAdodcT/HEkqiABHOjQ4R7qs8dE8r3HbAZ1EVq zKwjC0IFRDDTvzg+YIE3rabXF8Iu4bDqc1aQ/tKgtbWRLFxKkOiclSe9wDLGKVZNq85j MpKnt5jy2A7BSSk28Tl5iNY9g54LqOZRacr+NdrPHpnRa0bO/9toKHT/OmVYgUXOhvfC feG9ZJyuULGgNjHsoj18DkBEGes+/4JcqXrjRidbOlcog8OZ5V6gBBZX/G6Nq+jf5k6s fFd29i3hlhRBNdGQv9kpQGbDGBXHhCz0bVtIGjOp/GK6FdEYUnUDzUYOpgMaSqJ1LliU NpYA== MIME-Version: 1.0 X-Received: by 10.58.118.200 with SMTP id ko8mr11719734veb.94.1374594502968; Tue, 23 Jul 2013 08:48:22 -0700 (PDT) Received: by 10.58.8.111 with HTTP; Tue, 23 Jul 2013 08:48:22 -0700 (PDT) In-Reply-To: References: <201307231030.14139.andyparkins@gmail.com> <20130723094703.GA25900@savin> Date: Tue, 23 Jul 2013 09:48:22 -0600 Message-ID: From: Michael Hendricks To: Pieter Wuille Content-Type: multipart/alternative; boundary=089e013a1e600f501d04e22fb956 X-Spam-Score: 1.0 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1V1epK-0001jf-PC Cc: Bitcoin Dev , Andreas Schildbach Subject: Re: [Bitcoin-development] HTTP REST API for bitcoind X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Jul 2013 15:48:40 -0000 --089e013a1e600f501d04e22fb956 Content-Type: text/plain; charset=UTF-8 On Tue, Jul 23, 2013 at 4:36 AM, Pieter Wuille wrote: > Apart from that, exposing this HTTP-based interface publicly has its > own problems, like security risks and potential DoS risks. If > anything, we should be reducing the attack surface rather than > increase it. IMHO, the only thing that should be exposed in the P2P > protocol, which is inevitable, and already has some DoS protections. > > I like this HTTP interface, but it should really only be used for > trusted local applications and debugging. > We already have a good private HTTP interface. Most benefits of this REST interface come from exposing it publicly. As always, the challenge is balancing costs and benefits. I'm not confident that either can be known with certainty until a well-written prototype is running in the wild. As some nodes expose this interface, we'll gain concrete experience from which node operators can make informed security trade offs. -- Michael --089e013a1e600f501d04e22fb956 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
On Tue, Jul 23, 2013 at 4:36 AM, Pieter Wuille <p= ieter.wuille@gmail.com> wrote:
=
Apar= t from that, exposing this HTTP-based interface publicly has its
own problems, like security risks and potential DoS risks. If
anything, we should be reducing the attack surface rather than
increase it. IMHO, the only thing that should be exposed in the P2P
protocol, which is inevitable, and already has some DoS protections.

I like this HTTP interface, but it should really only be used for
trusted local applications and debugging.

We already have a good private HTTP interface. =C2=A0Most benefits of th= is REST interface come from exposing it publicly. =C2=A0As always, the chal= lenge is balancing costs and benefits. =C2=A0I'm not confident that eit= her can be known with certainty until a well-written prototype is running i= n the wild. =C2=A0As some nodes expose this interface, we'll gain concr= ete experience from which node operators can make informed security trade o= ffs.

--=C2=A0
Michael
--089e013a1e600f501d04e22fb956--