From: Pieter Wuille <pieter.wuille@gmail•com>
To: bitcoin-development@lists•sourceforge.net
Subject: Re: [Bitcoin-development] [BIP 15] Aliases
Date: Mon, 19 Dec 2011 02:14:20 +0100 [thread overview]
Message-ID: <20111219011417.GA16815@ulyssis.org> (raw)
In-Reply-To: <CAJna-Hhg9DO4jeuU3nEL2jJGPyxZXpeOLTQe1w8zjT6wqi+kXQ@mail.gmail.com>
On Mon, Dec 19, 2011 at 12:58:37AM +0100, slush wrote:
> Maybe I'm retarded, but where's the point in providing alliases containing
> yet another hash in URL?
Any DNS-based alias system is vulnerable to spoofing. If I can make people's
DNS server believe that mining.cz points to my IP, I'll receive payments to
you...
If no trusted CA is used to authenticate the communication, there is no way
to be sure the one you are asking how to pay, is the person you want to pay.
Therefore, one solution is to put a bitcoin address in the identification
string itself, and requiring SSL communication authenticated using the
respective key.
This makes the identification strings obviously less useful as aliases,
but pure aliases in the sense of human-typable strings have imho
limited usefulness anyway - in most cases these identification strings
will be communicated through other electronic means anyway.
Furthermore, the embedded bitcoin address could be hidden from the user:
retrieved when first connecting, and stored together with the URI in
an address book. Like ssh, it could warn the user if the key changes
(which wil be ignored by most users anyway, but what do you do about
that?)
--
Pieter
next prev parent reply other threads:[~2011-12-19 1:14 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-12-12 22:21 Amir Taaki
2011-12-12 22:25 ` Amir Taaki
2011-12-12 22:32 ` Luke-Jr
2011-12-13 4:38 ` theymos
2011-12-13 7:41 ` Jorge Timón
2011-12-15 19:59 ` theymos
2011-12-15 23:56 ` Amir Taaki
2011-12-16 2:37 ` Kyle Henderson
2011-12-16 4:32 ` Walter Stanish
2011-12-16 2:48 ` Matt Corallo
2011-12-16 17:23 ` Khalahan
2011-12-16 19:54 ` slush
2011-12-16 20:10 ` Amir Taaki
2011-12-16 20:14 ` Harald Schilly
2011-12-16 21:52 ` Khalahan
2011-12-16 22:05 ` Rick Wesson
2011-12-18 21:05 ` Jorge Timón
2011-12-18 21:18 ` Jordan Mack
2011-12-18 21:44 ` Luke-Jr
2011-12-18 23:58 ` slush
2011-12-19 1:13 ` Luke-Jr
2011-12-19 1:14 ` Pieter Wuille [this message]
2011-12-19 1:43 ` Luke-Jr
2011-12-19 1:44 ` slush
2011-12-19 7:56 ` Jorge Timón
2011-12-19 11:44 ` Andy Parkins
2011-12-19 14:46 ` solar
2011-12-19 15:35 ` Rick Wesson
2011-12-19 16:35 ` Luke-Jr
2011-12-19 17:13 ` solar
2011-12-19 16:30 ` Luke-Jr
2011-12-19 17:04 ` Jordan Mack
2011-12-19 17:09 ` slush
2011-12-19 18:13 ` Jordan Mack
2011-12-19 18:17 ` slush
2011-12-19 18:50 ` Jorge Timón
2011-12-19 20:03 ` Jordan Mack
2011-12-19 19:22 ` Jordan Mack
2011-12-19 18:15 ` Luke-Jr
2011-12-19 18:52 ` Jordan Mack
2011-12-19 19:16 ` Luke-Jr
2011-12-19 20:03 ` Jordan Mack
2011-12-16 8:35 ` Pieter Wuille
2011-12-16 16:03 ` Rick Wesson
2011-12-16 16:17 ` Pieter Wuille
2011-12-16 16:21 ` Rick Wesson
2011-12-16 17:21 ` Andy Parkins
2011-12-12 23:16 Zell Faze
2011-12-12 23:37 ` Jorge Timón
2011-12-12 23:41 ` Luke-Jr
2011-12-13 2:39 ` Stefan Thomas
2011-12-12 23:52 ` Matt Corallo
2011-12-12 23:37 ` Will
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20111219011417.GA16815@ulyssis.org \
--to=pieter.wuille@gmail$(echo .)com \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox