1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
Return-Path: <eric@voskuil.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 8A4B788A
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 30 Jun 2016 20:26:55 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pa0-f52.google.com (mail-pa0-f52.google.com
[209.85.220.52])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id DFAC222A
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 30 Jun 2016 20:26:54 +0000 (UTC)
Received: by mail-pa0-f52.google.com with SMTP id b13so31514484pat.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 30 Jun 2016 13:26:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=voskuil-org.20150623.gappssmtp.com; s=20150623;
h=mime-version:subject:from:in-reply-to:date:cc
:content-transfer-encoding:message-id:references:to;
bh=8/tMRZgidlHUO4qYGGaOgUzx5pSA2NNBO1I5MXQNTgE=;
b=Ds2z8zv2JRu8qFoJOL4DVrN2Ljax7cE0zr8JER3PapMOb6m4biNYipm/ya1/0vi3Ba
xnuvP6dNH3gpGA0Twbp5CHFFF4eyVnaeiaG4pns0uZu/IkSTakSxMV2pltZiscjLX53D
30iF9F7UkeNaHn2VhfeBrUY50Q0+l2cM9yf1M1aaaC94uSsmC3/zGuUq5z0fWtWPV50R
5lHMxM63HJ+ddSPgQXUxUNuejsaeZQUeTMKvJmdzhdEGbCXUEK6EgGMukZUwuDZOaQ0a
Or0o8Y72GBlYcX+WDsmrECEmgt7FQdj8rLwNn+hxiRUrRWRJgMgeSSAS5fIvTEd53bu8
sLHQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20130820;
h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
:content-transfer-encoding:message-id:references:to;
bh=8/tMRZgidlHUO4qYGGaOgUzx5pSA2NNBO1I5MXQNTgE=;
b=kqcU7y224+kf0UloPaHk4eprAWXbFoy8DFnR4J9WBoLNNohHUiohFxqCRXojj0cmoR
x5UoTbKQyAAnuL8VweEXxgBFYhnRH0cDnYV2SL/mJnjxspP4ObYN1J3MbkmnctL5Vrru
rM59s5sNy4B6nO26nrUavmsMmGimcSqbKl7Fc1jOzB1iWGwuF7FuryG0JJF2kR2YRTY2
Jmvip2fF7LiAN48yZAry4P+X118Impy4jAPBduSJ+cqD5gO7QLFAQg952Jw7LT/Eb87H
U58CIrbFiPHrBGZoROENRzJidF91J9dn+V6ZTB6sVPfF2kmeipNszGLOEnICbcsr2AKd
SKWA==
X-Gm-Message-State: ALyK8tJw/UxvV1X90qkp8x6LDpvv1OwakurUrVfJOExC+gaWnuDdtv0GoH0fmwbh064DvQ==
X-Received: by 10.66.149.66 with SMTP id ty2mr24686855pab.153.1467318414486;
Thu, 30 Jun 2016 13:26:54 -0700 (PDT)
Received: from [10.171.23.222] ([166.170.43.16])
by smtp.gmail.com with ESMTPSA id z9sm7924697pax.11.2016.06.30.13.26.53
(version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
Thu, 30 Jun 2016 13:26:53 -0700 (PDT)
Content-Type: text/plain;
charset=us-ascii
Mime-Version: 1.0 (1.0)
From: Eric Voskuil <eric@voskuil.org>
X-Mailer: iPhone Mail (13F69)
In-Reply-To: <20160630190613.GA6758@fedora-21-dvm>
Date: Thu, 30 Jun 2016 22:26:48 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <85F9E196-7D56-40DE-83A2-15255A56B115@voskuil.org>
References: <577234A4.3030808@jonasschnelli.ch>
<360EF9B8-A174-41CA-AFDD-2BC2C0B4DECB@voskuil.org>
<20160629111728.GO13338@dosf1.alfie.wtf>
<2981A919-4550-4807-8ED9-F8C51B2DC061@voskuil.org>
<57750EAB.3020105@jonasschnelli.ch>
<426C2AA3-BFB8-4C41-B4DF-4D6CC11988B2@voskuil.org>
<577513DB.60101@jonasschnelli.ch>
<F4BDD091-FD80-4EE9-93EF-735B6BBE253C@voskuil.org>
<20160630165227.GA5816@fedora-21-dvm>
<663B51FE-D8D5-4570-ACA6-D1405D98C773@voskuil.org>
<20160630190613.GA6758@fedora-21-dvm>
To: Peter Todd <pete@petertodd.org>
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, MIME_QP_LONG_LINE,
RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Thu, 30 Jun 2016 21:01:01 +0000
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] BIP 151
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Jun 2016 20:26:55 -0000
> On Jun 30, 2016, at 9:06 PM, Peter Todd <pete@petertodd.org> wrote:
>=20
> On Thu, Jun 30, 2016 at 08:25:45PM +0200, Eric Voskuil wrote:
>>> To be clear, are you against Bitcoin Core's tor support?
>>>=20
>>> Because node-to-node connections over tor are encrypted, and make use of=
onion
>>> addresses, which are self-authenticated in the exact same way as BIP151 p=
roposes.
>>=20
>> BIP151 is self-admittedly insufficient to protect against a MITM attack. I=
t proposes node identity to close this hole (future BIP required). The yet-t=
o-be-specified requirement for node identity is the basis of my primary conc=
ern. This is not self-authentication.
>>=20
>>> And we're shipping that in production as of 0.12.0, and by default Tor o=
nion support is enabled and will be automatically setup if you have a recent=
version of Tor installed.
>>>=20
>>> Does that "create pressure to expand node identity"?
>>=20
>> The orthogonal question of whether Tor is safe for use with the Bitcoin P=
2P protocol is a matter of existing research.
>=20
> I don't think you answered my question.
>=20
> Again, we _already have_ the equivalent of BIP151 functionality in Bitcoin=
> Core, shipping in production, but implemented with a Tor dependency.
>=20
> BIP151 removes that dependency on Tor, enabling encrypted connections
> regardless of whether or not you have Tor installed.
>=20
> So any arguments against BIP151 being implemented, are equally arguments
> against our existing Tor onion support. Are you against that support? Beca=
use
> if you aren't, you can't have any objections to BIP151 being implemented
Neither Tor nor Bitcoin Core are part of this BIP (or its proposed dependenc=
y on node identity).
But again, given that node identity is not part of the Bitcoin Core Tor inte=
gration, my objection to the presumption of node identity by BIP151 is unrel=
ated to Bitcoin Core's Tor integration.
e=
|