Matt Corallo [ARCHIVE] on Nostr: ๐ Original date posted:2011-12-16 ๐๏ธ Summary of this message: Proposal to use ...
๐
Original date posted:2011-12-16
๐๏ธ Summary of this message: Proposal to use Bitcoin's existing code for transactions to IP addresses for dynamic address lookup. Suggestions include extending the protocol and enabling DNS lookups.
๐ Original message:On Thu, 2011-12-15 at 13:59 -0600, theymos wrote:
> Bitcoin already has code and a protocol for transactions to IP
> addresses. Why not reuse that for dynamic address lookup? Just a few
> changes are necessary to enable complete user at server.com handling:
I'm not against this, but I think its way overcomplicated when compared
to the DNS or HTTPS methods.
> - Extend the protocol so that "reply" messages can be signed by a fixed
> public key
> - Extend "checkorder" messages so they can specify an account to
> send BTC to. Or standardize on how to put the account into the
> message field.
OK, not too debatable, but considering how terrible bitcoind's account
handling is, the second might not be easy to get right...
> - Enable DNS lookups for IP transactions. The DNS-only proposals could
> also be used here to avoid having to use the IP transaction protocol
> sometimes. The public key for signing "reply" messages can be gotten
> from TXT records. This will be safe with DNSSEC and Namecoin. With
> plain DNS Bitcoin could take a SSH-like approach and ask the user to
> verify the public key the first time it is used, remembering it later.
This is where I think this method becomes way overcomplicated. Not only
do you have to update the IP-Transaction code, but now you have to
implement the full DNS System that is the other option as well. Note
that to make this secure, we have to have a full DNSSEC-capable resolver
built-into bitcoind (there are libs, but it has to happen). Yes you can
ask the user "does this fingerprint look right to you? Y/N" but that
always opens you up to a ton of users getting screwed out of coins and I
don't think it should be enabled, except in bitcoind, and since the main
target of this whole alias system is bitcoin-qt users, well...
Matt
๐๏ธ Summary of this message: Proposal to use Bitcoin's existing code for transactions to IP addresses for dynamic address lookup. Suggestions include extending the protocol and enabling DNS lookups.
๐ Original message:On Thu, 2011-12-15 at 13:59 -0600, theymos wrote:
> Bitcoin already has code and a protocol for transactions to IP
> addresses. Why not reuse that for dynamic address lookup? Just a few
> changes are necessary to enable complete user at server.com handling:
I'm not against this, but I think its way overcomplicated when compared
to the DNS or HTTPS methods.
> - Extend the protocol so that "reply" messages can be signed by a fixed
> public key
> - Extend "checkorder" messages so they can specify an account to
> send BTC to. Or standardize on how to put the account into the
> message field.
OK, not too debatable, but considering how terrible bitcoind's account
handling is, the second might not be easy to get right...
> - Enable DNS lookups for IP transactions. The DNS-only proposals could
> also be used here to avoid having to use the IP transaction protocol
> sometimes. The public key for signing "reply" messages can be gotten
> from TXT records. This will be safe with DNSSEC and Namecoin. With
> plain DNS Bitcoin could take a SSH-like approach and ask the user to
> verify the public key the first time it is used, remembering it later.
This is where I think this method becomes way overcomplicated. Not only
do you have to update the IP-Transaction code, but now you have to
implement the full DNS System that is the other option as well. Note
that to make this secure, we have to have a full DNSSEC-capable resolver
built-into bitcoind (there are libs, but it has to happen). Yes you can
ask the user "does this fingerprint look right to you? Y/N" but that
always opens you up to a ton of users getting screwed out of coins and I
don't think it should be enabled, except in bitcoind, and since the main
target of this whole alias system is bitcoin-qt users, well...
Matt