public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Mike Hearn <mike@plan99•net>
To: Jeremy Spilman <jeremy@taplink•co>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Payment Protocol Hash Comments
Date: Sun, 2 Mar 2014 09:44:21 +0100	[thread overview]
Message-ID: <CANEZrP22SF4bD2pA3MyNmAojUmtZ20r=eL2Lgt=Fa4ZJyG=5SA@mail.gmail.com> (raw)
In-Reply-To: <op.xb2352ezyldrnw@laptop-air>

[-- Attachment #1: Type: text/plain, Size: 1658 bytes --]

SHA-1 support is there for PHP developers. Apparently it can't do SHA-2.
On 2 Mar 2014 08:53, "Jeremy Spilman" <jeremy@taplink•co> wrote:

>  From BIP70:
>
>    If pki_type is "x509+sha256", then the Payment message is hashed using
> the
>    SHA256 algorithm to produce the message digest that is signed. If
> pki_type
>    is "x509+sha1", then the SHA1 algorithm is used.
>
> A couple minor comments;
>
>   - I think it meant to say the field to be hashed is 'PaymentRequest' not
> 'Payment' message -- probably got renamed at some point and this is an old
> reference calling it by its original name.
>
>   - Could be a bit more explicit about the hashing, e.g. 'copy the
> PaymentRequest, set the signature field to the empty string, serialize to
> a byte[] and hash.
>
>   - SHA1 is retiring, any particular reason to even have it in there at
> all?
>
>   - Should there any way for the end-user to see details like the pki_type
> and the certificate chain, like browser do?
>
>
> Thanks,
> Jeremy
>
>
>
> ------------------------------------------------------------------------------
> Flow-based real-time traffic analytics software. Cisco certified tool.
> Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer
> Customize your own dashboards, set traffic alerts and generate reports.
> Network behavioral analysis & security monitoring. All-in-one tool.
>
> http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>

[-- Attachment #2: Type: text/html, Size: 2350 bytes --]

  reply	other threads:[~2014-03-02  8:44 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-03-01  6:26 [Bitcoin-development] Positive and negative feedback on certificate validation errors Jeremy Spilman
2014-03-01  7:26 ` Wladimir
2014-03-01  7:50   ` Jeremy Spilman
2014-03-02 10:37     ` Mike Hearn
2014-03-02  7:52 ` [Bitcoin-development] Payment Protocol Hash Comments Jeremy Spilman
2014-03-02  8:44   ` Mike Hearn [this message]
2014-03-02  8:52     ` Drak
2014-03-02 10:39       ` Mike Hearn
2014-03-03 12:39         ` Drak
2014-03-02 18:18 ` [Bitcoin-development] Positive and negative feedback on certificate validation errors Troy Benjegerdes

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CANEZrP22SF4bD2pA3MyNmAojUmtZ20r=eL2Lgt=Fa4ZJyG=5SA@mail.gmail.com' \
    --to=mike@plan99$(echo .)net \
    --cc=bitcoin-development@lists$(echo .)sourceforge.net \
    --cc=jeremy@taplink$(echo .)co \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox