Putting aside the question of necessity for a moment, a more efficient approach to this would be;
  1. Add another marker param like &s to the end of the URL
  2. Add another field to PaymentRequest that contains an ECC signature calculated using the public key that hashes to the address in the URI
  3. Upgraded wallets look for the additional param and if it's there, expect to find the PaymentDetails signed with the address key. PKI signing of course is still useful to provide an actual identity for receipts, display on hardware wallets, dispute mediation etc.
This adds only a few characters to a normal backwards-compatible QR code, and is not hard to implement.


On Fri, Sep 12, 2014 at 5:37 PM, Mike Hearn <mike@plan99.net> wrote:
That way we leave up to implementers to experiment with different
lengths and figure out what the optimum is

Ah, that's a good suggestion if we do go this way.