📅 Original date posted:2013-11-02 📝 Original message:-----BEGIN PGP SIGNED ...

Mark Friedenbach [ARCHIVE] /

npub1r3s…8d0u

2023-06-07 15:08:28

in reply to nevent1q…ujtm

📅 Original date posted:2013-11-02
📝 Original message:-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Or SIGHASH of a transaction spending those coins or updating the SIN...

On 11/2/13 2:14 PM, Johnathan Corgan wrote:> On 11/01/2013 10:01 PM,
bitcoingrant at gmx.com wrote:
>
>> Server provides a token for the client to sign.
>
> Anyone else concerned about signing an arbitrary string? Could be
> a hash of $EVIL_DOCUMENT, no? I'd want to XOR the string with my
> own randomly generated nonce, sign that, then pass the nonce and
> the signature back to the server for verification.
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSdXPaAAoJEAdzVfsmodw4+m8P/1Ce/PwZOYfiFuFJ8pmT2tb2
ro7tw7zSr12RSTvs+qRl7lDzJzQ6BDXOdXZCkcU0Vj3TDm8fdrrXN/iw3iQYU/5Y
3K7hj2mGqQUMovCLw0CbrMWrMvor7FhO6MZsRwe0+VxDV/dDrX5f5vSEhnkR26be
NrzOFU4hqGM3R4eLq8Bmw5rVD/VCrRzKoXXAvJb1EwM1+fQPjKi+bNMJu3reyfXU
5eMbbiM6tUMmPXy9M6vZrN+6ad53x3KUVP6+/hXxsrnfPp57WQzRZlvwTo/qdJ1C
Oxl71m6o2zkXbLTFmg1xmK/A4V1BPTLD6nLDIsw+wTBBfdn22pfDv6Q8d3VRctrd
6x+PMkwysoMjhemmkXCY/7G9GD6AGsrYSqIShSULd9QO5WxAFzRO01ewiRUCUFHi
Dn0LEjy8/R/CWK3jvj9uL3vQh9DLdOtqf/X7cEtjF3LThVP+stFTsmXObhTh/8Ai
YYjpnwOFG5ZtDzRZfP3OCwyhqlsaMlNgN4xnyR4GPaoJRP3a0zllblIbTWzg6nhY
jbON5Ec9N9txGhagYOoAvcQYqGyJdffkBzW82CRUsFYuYYmW2oLUQXPhAGDBIzzj
g/7RjMlM1OEp3qctxMZQlrTj7VJmhD768PRLh2XvEDmEC5Qb8Tcq28Nq5t85/O/6
i3+pzT5rMuiIZWLx7Msv
=tAUY
-----END PGP SIGNATURE-----

Author Public Key

npub1r3san9v5njl6798hvauyu9ntm6r9c7u8s0t65wls58gpfdcvqp5sa48d0u

Show more details

Published at

2023-06-07 15:08:28

Kind type

1 Short Text Note

Event JSON

{ "id": "65f1a6c0f7edb724f90c589427e8d654b4923261f22cf483b69997b2f1a1bb2b", "pubkey": "1c61d995949cbfaf14f767784e166bde865c7b8783d7aa3bf0a1d014b70c0069", "created_at": 1686150508, "kind": 1, "tags": [ [ "e", "724c6f13ca667850218ef24a7051f9062418fb5d7bd972070be69e4bf08accba", "", "root" ], [ "e", "5eed253ff5cf6315c741824514d7f3fb3be0b1d07df5fb1f7b20dd2c1f8c2180", "", "reply" ], [ "p", "96b5dcd8eedfa403b3a94c15f3bab1cb084736a0f2f1301119d1819109ecc06d" ] ], "content": "📅 Original date posted:2013-11-02\n📝 Original message:-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nOr SIGHASH of a transaction spending those coins or updating the SIN...\n\nOn 11/2/13 2:14 PM, Johnathan Corgan wrote:\u003e On 11/01/2013 10:01 PM,\nbitcoingrant at gmx.com wrote:\n\u003e \n\u003e\u003e Server provides a token for the client to sign.\n\u003e \n\u003e Anyone else concerned about signing an arbitrary string? Could be\n\u003e a hash of $EVIL_DOCUMENT, no? I'd want to XOR the string with my\n\u003e own randomly generated nonce, sign that, then pass the nonce and\n\u003e the signature back to the server for verification.\n\u003e \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.19 (Darwin)\nComment: GPGTools - http://gpgtools.org\nComment: Using GnuPG with Thunderbird - http://www.enigmail.net/\n\niQIcBAEBAgAGBQJSdXPaAAoJEAdzVfsmodw4+m8P/1Ce/PwZOYfiFuFJ8pmT2tb2\nro7tw7zSr12RSTvs+qRl7lDzJzQ6BDXOdXZCkcU0Vj3TDm8fdrrXN/iw3iQYU/5Y\n3K7hj2mGqQUMovCLw0CbrMWrMvor7FhO6MZsRwe0+VxDV/dDrX5f5vSEhnkR26be\nNrzOFU4hqGM3R4eLq8Bmw5rVD/VCrRzKoXXAvJb1EwM1+fQPjKi+bNMJu3reyfXU\n5eMbbiM6tUMmPXy9M6vZrN+6ad53x3KUVP6+/hXxsrnfPp57WQzRZlvwTo/qdJ1C\nOxl71m6o2zkXbLTFmg1xmK/A4V1BPTLD6nLDIsw+wTBBfdn22pfDv6Q8d3VRctrd\n6x+PMkwysoMjhemmkXCY/7G9GD6AGsrYSqIShSULd9QO5WxAFzRO01ewiRUCUFHi\nDn0LEjy8/R/CWK3jvj9uL3vQh9DLdOtqf/X7cEtjF3LThVP+stFTsmXObhTh/8Ai\nYYjpnwOFG5ZtDzRZfP3OCwyhqlsaMlNgN4xnyR4GPaoJRP3a0zllblIbTWzg6nhY\njbON5Ec9N9txGhagYOoAvcQYqGyJdffkBzW82CRUsFYuYYmW2oLUQXPhAGDBIzzj\ng/7RjMlM1OEp3qctxMZQlrTj7VJmhD768PRLh2XvEDmEC5Qb8Tcq28Nq5t85/O/6\ni3+pzT5rMuiIZWLx7Msv\n=tAUY\n-----END PGP SIGNATURE-----", "sig": "fe1186c1c2d539ab1022482db6232441aa0eb23f4e6c8d21079c1a5639fc8525de9d398c76b22f9de42f6b6e8d18e687e1a32db7f134162e9d4d60bf322b3ee1" }