Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-30 Thread Peter Todd
On Mon, Oct 28, 2013 at 12:37:30PM -0700, Jeremy Spilman wrote: > Just an aside... > > The 1BTC bounty John references below is a 1BTC P2SH output, where the > redeemScript he provided does hash to the expected value, and is itself a > 2-of-3 multisig, with the following pubkeys, expressed as

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-28 Thread Jeremy Spilman
Just an aside... The 1BTC bounty John references below is a 1BTC P2SH output, where the redeemScript he provided does hash to the expected value, and is itself a 2-of-3 multisig, with the following pubkeys, expressed as addresses: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj 1FCYd7j4CThTMzts78rh6iQJLB

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-28 Thread Mike Hearn
On Mon, Oct 28, 2013 at 1:14 PM, Adam Back wrote: > Maybe I voice this opinion a bit late in the cycle, but A bit late is one way to put it. All these topics and more were discussed to death a year ago when the payment protocol was first being designed. Bluntly, I think we're all sick of i

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-28 Thread Adam Back
I think it's a mistake relying directly on X509, it's subject to corruption attacks, involves ASN.1 and enough OpenSSL X.500 encoding ambiguity (or other code base) to be a security nightmare. Why not make the payment messages signed by bitcoin keys. If someone wants to associate with X.509 they can

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-27 Thread John Dillon
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On Sat, Oct 26, 2013 at 3:31 AM, Gregory Maxwell wrote: > One limitation of the payment protocol as speced is that there is no > way for a hidden service site to make use of its full authentication > capability because they are unable to get SSL cer

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-25 Thread Peter Todd
On Fri, Oct 25, 2013 at 08:31:05PM -0700, Gregory Maxwell wrote: > One limitation of the payment protocol as speced is that there is no > way for a hidden service site to make use of its full authentication > capability because they are unable to get SSL certificates issued to > them. > > A tor hi

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-25 Thread Gregory Maxwell
On Fri, Oct 25, 2013 at 8:41 PM, Luke-Jr wrote: > Is there any point to additional encryption over tor (which afaik is already > encrypted end-to-end)? Is there a safe way to make this work through tor entry > nodes/gateways? The x.509 in the payment protocol itself is for authentication and non-

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-25 Thread Gavin Andresen
On Sat, Oct 26, 2013 at 1:31 PM, Gregory Maxwell wrote: > This would give us a fully supported option which is completely CA > free... it would only work for tor sites, but the people concerned > about CA treachery are likely to want to use tor in any case. > > Thoughts? > I think a tiny n

Re: [Bitcoin-development] Payment protocol for onion URLs.

2013-10-25 Thread Luke-Jr
On Saturday, October 26, 2013 3:31:05 AM Gregory Maxwell wrote: > One limitation of the payment protocol as speced is that there is no > way for a hidden service site to make use of its full authentication > capability because they are unable to get SSL certificates issued to > them. > > A tor hid

[Bitcoin-development] Payment protocol for onion URLs.

2013-10-25 Thread Gregory Maxwell
One limitation of the payment protocol as speced is that there is no way for a hidden service site to make use of its full authentication capability because they are unable to get SSL certificates issued to them. A tor hidden service (onion site) is controlled by an RSA key. It would be trivial t