Rick Wesson [ARCHIVE] on Nostr: š Original date posted:2011-07-26 šļø Summary of this message: A proposal was ...
š
Original date posted:2011-07-26
šļø Summary of this message: A proposal was made to support DNS lookups to publish a TXT record in the DNS with a wallet address to facilitate sending of coin. However, using URIs is simpler and more secure.
š Original message:Matt,
I started from the premise that I can't remember a bitcoin address but
I can/do remember email addresses which, as an identity are easy
labels for humans to remember. The IPv4 address is the metaphor I
consider. As someone who actually worked on parts of DNSSEC I do
believe in it -- and that it offers reasonable security for
transactions.
Remember MITM attacks on DNS for a transaction are for the sender
against the merchant, and it is only the wallet ID that would be
available. These identifiers are something people use "like" an
identity in that they are frequently shared in public spaces.
Also, a DNS mapping does not prevent or deny anyone from leveraging
HTTP(S) for simular mapping. My point is that DNS is designed for name
to thing mapping and its done a decent job. What I like about the DNS
is that it is frequently leveraged as a proxy for identity and http
URIs are not. Where https://wesson.us/ricks-bitcoin-address doesn't
feel like and identity (to me) and rick.wesson.us does.
My point is about usability and user experience. Bitcoin if used in
the DNS might make DNSSEC more popular which IMHO is a good thing.
-rick
On Mon, Jul 25, 2011 at 6:35 PM, Matt Corallo <bitcoin-list at bluematt.me> wrote:
> On Mon, 2011-07-25 at 17:29 -0700, Rick Wesson wrote:
>> I've just joined the list with the goals of producing a patch to
>> sendtoaddress in rpc.cpp to support DNS lookups so that one could
>> publish a TXT record in the DNS with their wallet address to
>> facilitate sending of coin.
>
> But...why?
> Using URIs is much simpler and can be more useful in terms of being able
> to give different addresses and/or values per user.
> Also, despite DNSSec being "out there" DNS is still very insecure to
> transmit something that will result in money transfer...some idiot tries
> it on public WiFi and a MITM steals your coins...DNS is really just not
> well suited for this kind of thing.
> If you want nice name->address mapping, a simple HTTPS server with
> addresses and client support (there are some patches around for this)
> works much better in the end.
>
> ------------------------------------------------------------------------------
> Magic Quadrant for Content-Aware Data Loss Prevention
> Research study explores the data loss prevention market. Includes in-depth
> analysis on the changes within the DLP market, and the criteria used to
> evaluate the strengths and weaknesses of these DLP solutions.
> http://www.accelacomm.com/jaw/sfnl/114/51385063/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
šļø Summary of this message: A proposal was made to support DNS lookups to publish a TXT record in the DNS with a wallet address to facilitate sending of coin. However, using URIs is simpler and more secure.
š Original message:Matt,
I started from the premise that I can't remember a bitcoin address but
I can/do remember email addresses which, as an identity are easy
labels for humans to remember. The IPv4 address is the metaphor I
consider. As someone who actually worked on parts of DNSSEC I do
believe in it -- and that it offers reasonable security for
transactions.
Remember MITM attacks on DNS for a transaction are for the sender
against the merchant, and it is only the wallet ID that would be
available. These identifiers are something people use "like" an
identity in that they are frequently shared in public spaces.
Also, a DNS mapping does not prevent or deny anyone from leveraging
HTTP(S) for simular mapping. My point is that DNS is designed for name
to thing mapping and its done a decent job. What I like about the DNS
is that it is frequently leveraged as a proxy for identity and http
URIs are not. Where https://wesson.us/ricks-bitcoin-address doesn't
feel like and identity (to me) and rick.wesson.us does.
My point is about usability and user experience. Bitcoin if used in
the DNS might make DNSSEC more popular which IMHO is a good thing.
-rick
On Mon, Jul 25, 2011 at 6:35 PM, Matt Corallo <bitcoin-list at bluematt.me> wrote:
> On Mon, 2011-07-25 at 17:29 -0700, Rick Wesson wrote:
>> I've just joined the list with the goals of producing a patch to
>> sendtoaddress in rpc.cpp to support DNS lookups so that one could
>> publish a TXT record in the DNS with their wallet address to
>> facilitate sending of coin.
>
> But...why?
> Using URIs is much simpler and can be more useful in terms of being able
> to give different addresses and/or values per user.
> Also, despite DNSSec being "out there" DNS is still very insecure to
> transmit something that will result in money transfer...some idiot tries
> it on public WiFi and a MITM steals your coins...DNS is really just not
> well suited for this kind of thing.
> If you want nice name->address mapping, a simple HTTPS server with
> addresses and client support (there are some patches around for this)
> works much better in the end.
>
> ------------------------------------------------------------------------------
> Magic Quadrant for Content-Aware Data Loss Prevention
> Research study explores the data loss prevention market. Includes in-depth
> analysis on the changes within the DLP market, and the criteria used to
> evaluate the strengths and weaknesses of these DLP solutions.
> http://www.accelacomm.com/jaw/sfnl/114/51385063/
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>