Low light shouldn't be an issue for QRcodes generated by phones. They have backlit screens that should always be bright enough. I can see how it might be an issue for printed codes. If your phone has no Bitcoin app installed then being redirected to an invoice page is pretty useless, you still won't be able to pay the bill no matter what (where do you get the money from?). If they are just raw HTTP URLs then it means the effect of scanning a QRcode with a standalone scanner app is different to scanning it inside the wallet, which is unlike all other uses of QRcodes I know of. So I'm not really convinced by that UX yet. Perhaps we can thrash it out in Amsterdam. Right now I'm thinking QRcodes should always contain bitcoin URIs. On Wed, Sep 25, 2013 at 4:31 PM, Jeff Garzik wrote: > BitPay experimented with QR codes in low light, restaurant and other > conditions. QR codes become difficult to use even at 100 chars. > > On the merchant side, we prefer a short URL that speaks payment > protocol if visited via bitcoin client, but will gracefully work if > scanned by a phone with zero bitcoin support -- you will simply be > redirected to a BitPay invoice page for a normal browser. > > > > On Wed, Sep 25, 2013 at 7:59 AM, Andreas Schildbach > wrote: > > On 09/25/2013 01:45 PM, Mike Hearn wrote: > > > >> OK, it might fit if you don't use any of the features the protocol > >> provides :) > > > > Now you're dver-dramaticing (-: > > > > I'm just skipping one feature which I think is useless for QR codes > > scanned in person. > > > >> You can try it here: > > > > Thanks. A typical request would be around 60 bytes, which should produce > > an URL with around 100 chars. That should be fine for scanning, but I > > will experiment. > > > >> If you're thinking about governments and so on subverting CA's, then > >> there is a plan for handling that (outside the Bitcoin world) called > >> certificate transparency which is being implemented now. > > > > Good to hear. Let's see if it gets momentum. > > > >> Now when you are getting a QR code from the web, it's already being > >> served over HTTPS. So if you're up against an attacker who can break a > >> CA in order to steal your money, then you already lose, the QRcode > >> itself as MITMd. > > > > Sure. I was talking about QR codes scanned in person. > > > >> In the Bluetooth case we might have to keep the address around and use > >> it to do ECDHE or something like that. > > > > Yeah, will look at that as soon as we're implementing the payment > > protocol fully. > > > > > > > > > ------------------------------------------------------------------------------ > > October Webinars: Code for Performance > > Free Intel webinars can help you accelerate application performance. > > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most > from > > the latest Intel processors and coprocessors. See abstracts and register > > > > > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk > > _______________________________________________ > > Bitcoin-development mailing list > > Bitcoin-development@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > > > -- > Jeff Garzik > Senior Software Engineer and open source evangelist > BitPay, Inc. https://bitpay.com/ > > > ------------------------------------------------------------------------------ > October Webinars: Code for Performance > Free Intel webinars can help you accelerate application performance. > Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most > from > the latest Intel processors and coprocessors. See abstracts and register > > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development >