Andreas Schildbach [ARCHIVE] on Nostr: 📅 Original date posted:2015-02-23 📝 Original message:On 02/23/2015 11:58 AM, ...
📅 Original date posted:2015-02-23
📝 Original message:On 02/23/2015 11:58 AM, Mike Hearn wrote:
> You're right that just sending the session key is simpler. I
> originally suggested doing ECDHE to set up an encrypted channel
> for the following reasons: [...]
I read from your answer that even if we use ECDHE, we can't use it for
every situation. So in any case we need the simple bootstrap via a
session key parameter. My suggestion is defer ECDHE for now but keep it
in mind. We can add it later I think.
> These discussions keep coming up. I think the next step is for someone
> to upgrade Andreas' wallet to support encrypted connections and the
> TBIPs, to see what happens.
I happily step up and do the implementation work on the app side. A
first step could be:
- If there is an "s" parameter present wrap the Bluetooth connections
with AES. Sounds good?
📝 Original message:On 02/23/2015 11:58 AM, Mike Hearn wrote:
> You're right that just sending the session key is simpler. I
> originally suggested doing ECDHE to set up an encrypted channel
> for the following reasons: [...]
I read from your answer that even if we use ECDHE, we can't use it for
every situation. So in any case we need the simple bootstrap via a
session key parameter. My suggestion is defer ECDHE for now but keep it
in mind. We can add it later I think.
> These discussions keep coming up. I think the next step is for someone
> to upgrade Andreas' wallet to support encrypted connections and the
> TBIPs, to see what happens.
I happily step up and do the implementation work on the app side. A
first step could be:
- If there is an "s" parameter present wrap the Bluetooth connections
with AES. Sounds good?