Mike Hearn [ARCHIVE] on Nostr: 📅 Original date posted:2015-02-05 📝 Original message:> > Even if a user could ...
📅 Original date posted:2015-02-05
📝 Original message:>
> Even if a user could get the BIP70 URL in the URI, they would still need
> internet to access the URL.
>
The way Bitcoin Wallet does it, the bitcoin URI includes a MAC address
where you can download the request from. BIP70 does not depend on internet
access or HTTP, plus, you don't have to sign them.
The name field might work but requires the merchant to set it, e.g. by
asking the payer what their name is, then typing it in, then the payer has
to wait for it to show up. By this point it's probably faster to have
scanned a QR code.
Re: security. I'll repeat what I wrote up-thread in case you didn't see it:
it's not clear to me at all that this partial address scheme is actually
> secure. The assumption appears to be that the MITM must match the address
> prefix generated by the genuine merchant. But if they can do a wireless
> MITM they can just substitute their own address prefix/partial address, no?
>
> To avoid MITM attacks the sender must know who they are sending money to,
> and that means they must see a human understandable name that's
> cryptographically bound to the right public key. Displaying partial
> addresses to the user is not going to solve this unless users manually
> compare key prefixes across the screens.... which is even less convenient
> than a QR code.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150205/c3eb897f/attachment.html>
📝 Original message:>
> Even if a user could get the BIP70 URL in the URI, they would still need
> internet to access the URL.
>
The way Bitcoin Wallet does it, the bitcoin URI includes a MAC address
where you can download the request from. BIP70 does not depend on internet
access or HTTP, plus, you don't have to sign them.
The name field might work but requires the merchant to set it, e.g. by
asking the payer what their name is, then typing it in, then the payer has
to wait for it to show up. By this point it's probably faster to have
scanned a QR code.
Re: security. I'll repeat what I wrote up-thread in case you didn't see it:
it's not clear to me at all that this partial address scheme is actually
> secure. The assumption appears to be that the MITM must match the address
> prefix generated by the genuine merchant. But if they can do a wireless
> MITM they can just substitute their own address prefix/partial address, no?
>
> To avoid MITM attacks the sender must know who they are sending money to,
> and that means they must see a human understandable name that's
> cryptographically bound to the right public key. Displaying partial
> addresses to the user is not going to solve this unless users manually
> compare key prefixes across the screens.... which is even less convenient
> than a QR code.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150205/c3eb897f/attachment.html>