Luke-Jr [ARCHIVE] on Nostr: 📅 Original date posted:2012-11-26 📝 Original message:On Monday, November 26, ...
📅 Original date posted:2012-11-26
📝 Original message:On Monday, November 26, 2012 11:16:03 PM Mike Hearn wrote:
> They could be included as well of course, but from a seller
> perspective the most important thing is consistency. You have to be
> able to predict what CAs the user has, otherwise your invoice would
> appear in the UI as unverified and is subject to manipulation by
> viruses, etc.
That's expected behaviour - except it's mainly be manipulated by *users*, not
viruses (which can just as easily manipulate whatever custom cert store we
use). If I don't trust Joe's certs, I don't want Bitcoin overriding that no
matter who Joe is or what connections he has.
> So using the OS cert store would effectively restrict merchants to the
> intersection of what ships in all the operating systems their users
> use, which could be unnecessarily restrictive. As far as I know, every
> browser has its own cert store for that reason.
Browsers with this bug are not relevant IMO.
📝 Original message:On Monday, November 26, 2012 11:16:03 PM Mike Hearn wrote:
> They could be included as well of course, but from a seller
> perspective the most important thing is consistency. You have to be
> able to predict what CAs the user has, otherwise your invoice would
> appear in the UI as unverified and is subject to manipulation by
> viruses, etc.
That's expected behaviour - except it's mainly be manipulated by *users*, not
viruses (which can just as easily manipulate whatever custom cert store we
use). If I don't trust Joe's certs, I don't want Bitcoin overriding that no
matter who Joe is or what connections he has.
> So using the OS cert store would effectively restrict merchants to the
> intersection of what ships in all the operating systems their users
> use, which could be unnecessarily restrictive. As far as I know, every
> browser has its own cert store for that reason.
Browsers with this bug are not relevant IMO.