On Fri, Jan 3, 2014 at 9:59 AM, Drak <drak@zikula.org> wrote:

> Which is why, as pointed out several times at 30c3 by several renowned
> figures, why cryptography has remained squarely outside of mainstream use.
> It needs to just work and until you can trust the connection and what the
> end point sends you, automatically, it's a big fail and the attack vectors
> are many.
>
> <sarcasm>I can just see my mother or grandma manually checking the hash of
> a download... </sarcasm>
>

Maybe a simple compromise would be to add a secure downloader to the
bitcoin client.

The download link could point to a meta-data file that has info on the
download.

file_url=
hash_url=
sig_url=
message=This is version x.y.z of the bitcoin client

It still suffers from the root CA problem though.  The bitcoin client would
accept Gavin's signature or a "core team" signature.

At least it would provide forward security.

It could also be used to download files for different projects, with
explicit warnings that you are adding a new trusted key.

When you try to download, you would be given a window

Project: Some Alternative Wallet
Signed by: P. Lead
Message:

Confirm download Yes No

However, even if you do that, each trusted key is only linked to a
particular project.

It would say if the project and/or leader is unknown.