On 8 December 2013 12:37, Luke-Jr <luke@dashjr.org> wrote:

Encryption is useless here. We want everyone to be able to download Bitcoin
clients. Binaries on sourceforge are signed by multiple parties using gitian.

> Decentralization:
> So long as we actually use DNS, the website is centralized :( However,
> its content isn't (can be forked on GitHub), but regarding the domain
> name, there is not much we can do against this AFAIK.

So long as someone has root (or a user that can modify it), the website is
centralised. To really solve this, we would need a dedicated server that
accepts commands only when signed by N-of-M parties, inside a cage locked by
padlocks with keys held by independent parties, with a SSL certificate issued
by an authority that has multiple parties watch it every step of the way into
that server.

Malicious actors with root access to the server is another issue entirely. Sure it's a problem, but it is not an argument not to have a properly signed SSL certificate.

With out one, the exploit can be performed on routers to redirect traffic through a third party alter the content of the site (like the links on bitcoin.org to various wallet projects) and then onto the correct destination. SSL at least mitigates that. For example it would be trivial to impersonate Electrum's site or whatever, "change" the link on the fly that appears on the trusted source bitcoin.org via BGP redirection. Now users will be directed to the scammers site which could be identical except for domain name and of course malicious binaries.

BGP redirection is a reality and can be exploited without much expense/effort. MITM is a real world threat, not some theoretical possibility - reports show it's happening on an unprecedented scale. SSL is essential - that's a no-brainer. Sure other measures are important, but without SSL there is almost no point to any of the other options.

SSL is so considered so important that the HTTP 2.0 spec might be SSL only according to recent discussions at the W3C (http://lists.w3.org/Archives/Public/ietf-http-wg/2013OctDec/0625.html).

Drak