Jorge Timón [ARCHIVE] on Nostr: 📅 Original date posted:2011-12-19 🗒️ Summary of this message: HTTP is not ...
📅 Original date posted:2011-12-19
🗒️ Summary of this message: HTTP is not secure, HTTPS may need a warning, Namecoin is secure but difficult to integrate, and using it to specify payment address is not ideal. A negotiating protocol like JSON is suggested.
📝 Original message:Ok, so HTTP is not an option unless it shows a huge warning. I don't
know the HTTPS possible attack, but maybe it needs a warning message
too, from what you people are saying. Although using namecoin to
identify hosts may be the more secure option, it's integration with
the client seems more difficult and probably most clients won't
support it. Using namecoin to directly specify the payment address
seems a bad idea for most cases for the reasons that have been said.
For the "answer format" JSON seems ok, but I mean a "negotiating
protocol" like luke-jr says. I'd even include green addresses there
but probably many of you don't like the idea.
2011/12/19, slush <slush at centrum.cz>:
> And if I need to choose between easy solution or secure solution for
> aliases, I'll pick that easy one. I mean - we need some solution which will
> be easy enough for daily use; it is something what we currently don't have.
> But if I want to be really really sure I'm using correct destination for
> paying $1mil for a house, I can every time ask for real bitcoin addresses,
> this is that secure way which we currently have.
I agree.
🗒️ Summary of this message: HTTP is not secure, HTTPS may need a warning, Namecoin is secure but difficult to integrate, and using it to specify payment address is not ideal. A negotiating protocol like JSON is suggested.
📝 Original message:Ok, so HTTP is not an option unless it shows a huge warning. I don't
know the HTTPS possible attack, but maybe it needs a warning message
too, from what you people are saying. Although using namecoin to
identify hosts may be the more secure option, it's integration with
the client seems more difficult and probably most clients won't
support it. Using namecoin to directly specify the payment address
seems a bad idea for most cases for the reasons that have been said.
For the "answer format" JSON seems ok, but I mean a "negotiating
protocol" like luke-jr says. I'd even include green addresses there
but probably many of you don't like the idea.
2011/12/19, slush <slush at centrum.cz>:
> And if I need to choose between easy solution or secure solution for
> aliases, I'll pick that easy one. I mean - we need some solution which will
> be easy enough for daily use; it is something what we currently don't have.
> But if I want to be really really sure I'm using correct destination for
> paying $1mil for a house, I can every time ask for real bitcoin addresses,
> this is that secure way which we currently have.
I agree.