>
>
> Using a desktop website and mobile device for 2/3 multisig in lieu of a
> hardware device (trezor) and desktop website (mytrezor) works, but the key
> is that the device used to input the two signatures cannot be in the same
> band.  What you are protecting against are MITM attacks.  The issue is that
> if a single device or network is compromised by malware, or if a party is
> connecting to a counterparty through a channel with compromised security,
> inputing 2 signatures through the same device/band defeats the purpose of
> 2/3 multisig.
>

Maybe I'm not following the conversation very well, but if you have a small
hardware device that first displays a signed payment request (BIP70) and
then only will sign what is displayed, how can a MITM attacker do anything
other than deny service?  They'd have to get malware onto the signing
device, which is the vector that a simplified signing device is
specifically designed to mitigate.

TREZOR like devices with BIP70 support and third party cosigning services
are a solution I really like the sound of.  I suppose though that adding
BIP70 request signature validation and adding certificate revocation
support starts to balloon the scope of what is supposed to be a very simple
device though.

Regardless, I think a standard for passing partially signed transactions
around might make sense (maybe a future extension to BIP70), with attention
to both PC <-> small hardware devices and pushing stuff around on the
Internet.  It would be great if users had a choice of hardware signing
devices, local software and third-party cosigning services that would all
interoperate out of the box to enable easy multisig security, which in the
BTC world subsumes the goals of 2FA.

--adam