summaryrefslogtreecommitdiff
path: root/21/02dd6368dbb0616549cf8899b8ab01ac98db16
blob: 715010c2f1b43ac9c4fdccfd967015275bae4e1b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <mh.in.england@gmail.com>) id 1VIzsh-0005vp-D9
	for bitcoin-development@lists.sourceforge.net;
	Mon, 09 Sep 2013 11:43:47 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.214.180 as permitted sender)
	client-ip=209.85.214.180; envelope-from=mh.in.england@gmail.com;
	helo=mail-ob0-f180.google.com; 
Received: from mail-ob0-f180.google.com ([209.85.214.180])
	by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1VIzsg-0004dg-7J
	for bitcoin-development@lists.sourceforge.net;
	Mon, 09 Sep 2013 11:43:47 +0000
Received: by mail-ob0-f180.google.com with SMTP id va7so859647obc.11
	for <bitcoin-development@lists.sourceforge.net>;
	Mon, 09 Sep 2013 04:43:40 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.60.116.230 with SMTP id jz6mr11169521oeb.21.1378727020397;
	Mon, 09 Sep 2013 04:43:40 -0700 (PDT)
Sender: mh.in.england@gmail.com
Received: by 10.76.76.170 with HTTP; Mon, 9 Sep 2013 04:43:40 -0700 (PDT)
In-Reply-To: <8641358D-7484-42AF-9449-C226EF4FB6B4@grabhive.com>
References: <9179D240-EE7E-41A4-AA59-7C96246D8CFB@grabhive.com>
	<CANEZrP1k9xsOESVL6yD+MvaO53Z9Fj_MifnquKi+2fcfk0uP4A@mail.gmail.com>
	<8641358D-7484-42AF-9449-C226EF4FB6B4@grabhive.com>
Date: Mon, 9 Sep 2013 13:43:40 +0200
X-Google-Sender-Auth: u4wTkKx2jRECulodEcbAC2OTxB8
Message-ID: <CANEZrP1oJsxcg=N2M_a8VW69=was7VM8cFGVpKeWx0x-eqFuLw@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Wendell <w@grabhive.com>
Content-Type: multipart/alternative; boundary=089e0115e84a4b0a0404e5f1e651
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(mh.in.england[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	1.0 HTML_MESSAGE           BODY: HTML included in message
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1VIzsg-0004dg-7J
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Simple contacts exchange (was: Social
 network integration (brainstorm))
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 09 Sep 2013 11:43:47 -0000

--089e0115e84a4b0a0404e5f1e651
Content-Type: text/plain; charset=UTF-8

The current version requires a signed cert yes. Whether that's difficult or
not depends on the policies of the cert authorities. Ultimately all they
have to do is verify an email address by sending it a clickable link, which
is why StartSSL do it for free. Probably they aren't optimised for
usability, but there's no technical reason why one couldn't be. It's a
competitive market, after all.

There's also the option of extending the payment protocol to support other
forms of PKI. But from a technical perspective the X.509 PKI is fine.
Someone can always set up their own CA for the Bitcoin community and
convince wallet developers to include their root cert, after all.


On Mon, Sep 9, 2013 at 9:26 AM, Wendell <w@grabhive.com> wrote:

> OK, I was under the impression that this was mostly developed for
> merchants. I've seen some discussion here that seemed to suggest it
> requiring some non-trivial (for an end user) steps like getting a CA-signed
> certificate.
>
> -wendell
>
> grabhive.com | twitter.com/grabhive | gpg: 6C0C9411
>
> On Sep 7, 2013, at 11:44 PM, Mike Hearn wrote:
>
> > This is the sort of thing the payment protocol is for. The recipient
> would vend a PaymentRequest containing identity details. The sender would
> submit a Payment containing his/hers. The wallet then understands what to
> do.
>
>

--089e0115e84a4b0a0404e5f1e651
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">The current version requires a signed cert yes. Whether th=
at&#39;s difficult or not depends on the policies of the cert authorities. =
Ultimately all they have to do is verify an email address by sending it a c=
lickable link, which is why StartSSL do it for free. Probably they aren&#39=
;t optimised for usability, but there&#39;s no technical reason why one cou=
ldn&#39;t be. It&#39;s a competitive market, after all.<div>
<br></div><div>There&#39;s also the option of extending the payment protoco=
l to support other forms of PKI. But from a technical perspective the X.509=
 PKI is fine. Someone can always set up their own CA for the Bitcoin commun=
ity and convince wallet developers to include their root cert, after all.</=
div>
</div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Mon,=
 Sep 9, 2013 at 9:26 AM, Wendell <span dir=3D"ltr">&lt;<a href=3D"mailto:w@=
grabhive.com" target=3D"_blank">w@grabhive.com</a>&gt;</span> wrote:<br><bl=
ockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #=
ccc solid;padding-left:1ex">
OK, I was under the impression that this was mostly developed for merchants=
. I&#39;ve seen some discussion here that seemed to suggest it requiring so=
me non-trivial (for an end user) steps like getting a CA-signed certificate=
.<br>

<div class=3D"im HOEnZb"><br>
-wendell<br>
<br>
<a href=3D"http://grabhive.com" target=3D"_blank">grabhive.com</a> | <a hre=
f=3D"http://twitter.com/grabhive" target=3D"_blank">twitter.com/grabhive</a=
> | gpg: 6C0C9411<br>
<br>
</div><div class=3D"HOEnZb"><div class=3D"h5">On Sep 7, 2013, at 11:44 PM, =
Mike Hearn wrote:<br>
<br>
&gt; This is the sort of thing the payment protocol is for. The recipient w=
ould vend a PaymentRequest containing identity details. The sender would su=
bmit a Payment containing his/hers. The wallet then understands what to do.=
<br>

<br>
</div></div></blockquote></div><br></div>

--089e0115e84a4b0a0404e5f1e651--