Re: [Bitcoin-development] Idea for new payment protocol PKI

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Mike Hearn <mike@plan99•net>
To: Melvin Carvalho <melvincarvalho@gmail•com>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Idea for new payment protocol PKI
Date: Fri, 9 Aug 2013 14:08:52 +0200	[thread overview]
Message-ID: <CANEZrP3fWbGAO3MSvAzicjPmPzUGVfSgxk_MnZNUhHzE7_9drg@mail.gmail.com> (raw)
In-Reply-To: <CAKaEYhLftC67Lrinc2yF0coqhJi_DpM4XvoXfBwJBGv=hFi3yQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1243 bytes --]

>
> Bitcoin sought to reduce dependence on trusted third parties, where as,
> persona is increasing the reach of trusted third parties.  The keys and
> passwords are stored on mozilla's servers, sometimes on your email
> providers.  Persona, is however, a progression and will hopefully improve
> its security and decentralization as it goes along.
>

When Persona is supported by all the key players in a transaction Mozilla
doesn't get anything, do they? You can easily run your own IDP on a
personal server if you're the kind of person who likes to do that, then run
Firefox so you have a native implementation and the Mozilla servers aren't
involved. The keys never leave your computers.

Whilst X.509 certs can indeed be issued for any arbitrary string, you still
need a CA that will do it for you, and that's typically not so trivial. CAs
aren't meant for widespread end user adoption, really, whereas Persona is.

I don't think Persona is any more or less centralised than other PKIs,
really, just easier to use. Ultimately the string you're verifying is a
user@host pair, so the host is centralised via DNS and to verify the
assertions it vends, you must use SSL to connect to it, so under the hood
the regular SSL PKI is still there.

[-- Attachment #2: Type: text/html, Size: 1672 bytes --]

next prev parent reply	other threads:[~2013-08-09 12:09 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-08-09 11:43 Mike Hearn
2013-08-09 11:57 ` Melvin Carvalho
2013-08-09 12:08   ` Mike Hearn [this message]
2013-08-09 12:17     ` Melvin Carvalho
2013-08-09 11:59 ` Wendell
2013-08-09 12:18   ` Melvin Carvalho

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CANEZrP3fWbGAO3MSvAzicjPmPzUGVfSgxk_MnZNUhHzE7_9drg@mail.gmail.com \
    --to=mike@plan99$(echo .)net \
    --cc=bitcoin-development@lists$(echo .)sourceforge.net \
    --cc=melvincarvalho@gmail$(echo .)com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox