On Thu, Jun 30, 2016 at 08:25:45PM +0200, Eric Voskuil wrote:
> > To be clear, are you against Bitcoin Core's tor support?
> > 
> > Because node-to-node connections over tor are encrypted, and make use of onion
> > addresses, which are self-authenticated in the exact same way as BIP151 proposes.
> 
> BIP151 is self-admittedly insufficient to protect against a MITM attack. It proposes node identity to close this hole (future BIP required). The yet-to-be-specified requirement for node identity is the basis of my primary concern. This is not self-authentication.
> 
> > And we're shipping that in production as of 0.12.0, and by default Tor onion support is enabled and will be automatically setup if you have a recent version of Tor installed.
> > 
> > Does that "create pressure to expand node identity"?
> 
> The orthogonal question of whether Tor is safe for use with the Bitcoin P2P protocol is a matter of existing research.

I don't think you answered my question.

Again, we _already have_ the equivalent of BIP151 functionality in Bitcoin
Core, shipping in production, but implemented with a Tor dependency.

BIP151 removes that dependency on Tor, enabling encrypted connections
regardless of whether or not you have Tor installed.

So any arguments against BIP151 being implemented, are equally arguments
against our existing Tor onion support. Are you against that support? Because
if you aren't, you can't have any objections to BIP151 being implemented
either.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org