1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
Return-Path: <ric@spagni.net>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 30581307
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 18 Jul 2015 11:41:19 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-vn0-f45.google.com (mail-vn0-f45.google.com
[209.85.216.45])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id B731011A
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 18 Jul 2015 11:41:18 +0000 (UTC)
Received: by vnk197 with SMTP id 197so9109453vnk.3
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 18 Jul 2015 04:41:17 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:from:date:message-id:subject:to
:content-type;
bh=Un+yyfHU8lGh+nzBOL8Anu9wrSw1BCynZiHXX4u+Ppo=;
b=V64USeEeoh//MIe5VaaHCR0vO7bUyuaVJ0Fa7XIaEWBrUtZfFwcxO10IMrKOqJGAqG
hOieS01IMAl0ZGWkHtORRpezgxVBzDAFh5UQb22eiSjhcHFzgOmEh41Apk/STz3egmRt
YVljwVyJbf9pOc9a2l3Y2cUKKUchCXQLrkHsSywJsJDdpbPnl15X7Cqdqc66syGO8Ugh
P4bevTZtMoFW2g34wBKo6DY6Wey8r7b9NGm5AgtjmYkrOMcO2URjS/oNAwiTkKE+avEj
wIp+NoWNH7J8ExDcs2cJgTsz27biYD9b2k0X2WkI3Awdue8svndGJMKNygjxGD5/zx/0
wYJQ==
X-Gm-Message-State: ALoCoQlknIZU0NkRNJ02Wy5ZXACQKkSoA7ppFYKxdFpmGbwsnamQkkZN8Afp0t3s5VKQ18Of0tzA
X-Received: by 10.52.35.8 with SMTP id d8mr23184766vdj.8.1437219677777; Sat,
18 Jul 2015 04:41:17 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.31.92.197 with HTTP; Sat, 18 Jul 2015 04:40:58 -0700 (PDT)
From: Riccardo Spagni <ric@spagni.net>
Date: Sat, 18 Jul 2015 13:40:58 +0200
Message-ID: <CADhj2oTosATt1hgMqRyBofg0XQ3qPzPzJoUqesKKuR4bETYiNg@mail.gmail.com>
To: bitcoin-dev@lists.linuxfoundation.org
Content-Type: text/plain; charset=UTF-8
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: Re: [bitcoin-dev] Proposal: extend bip70 with OpenAlias
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sat, 18 Jul 2015 11:41:19 -0000
> It is worth noting that DNS lookups can be done via Tor. In effect that
> gives you 1000+ proxies instead of 56 or 4. BitcoinJ already has code that
> can do this.
Agreed, although I guess the bootstrap time for that is a little on
the high side, and maybe a little too chunky on mobile devices, but
it's absolutely worthwhile as an option. DNSSEC is great because it
doesn't allow resolvers to lie, they can't even pretend that a record
doesn't exist.
> I would agree that it makes sense for proxying of DNS requests to be an
> optional part of the protocol. Wallet developers can then compete on privacy
> vs robustness vs whatever other issues there may be.
My current thinking with Electrum (that ThomasV and I have bounced
around) is to make the default policy DNSCrypt -> fallback to
OpenAlias API pool (which can return DNSSEC data for verification) ->
fallback to default resolver. Turning off DNSCrypt will then make it
default resolver -> fallback to OpenAlias API pool. Turning off the
API pool will make it default resolver or fail. Default resolver can
be set to OS resolver (default) or custom resolvers (eg. Google Public
DNS).
Riccardo
|