📅 Original date posted:2014-06-16
📝 Original message:The trust can be more automated in this case than it can with CAs. The
difference is that when a CA does something it shouldn't, like generates an
extra cert for a government to use in spoofing a site, nobody knows about
it, unless they mess up. Double spends on the network can be monitored and
stored for history. Merchants can and will share information on instant
provider trust with eachother, so they will essentially be able to build up
a credit history on a given instant provider without really knowing who
they are.
On Mon, Jun 16, 2014 at 1:46 PM, Mike Hearn <mike at plan99.net> wrote:
> On Mon, Jun 16, 2014 at 10:37 PM, Daniel Rice <drice at greenmangosystems.com
> > wrote:
>
>> True, that would work, but still how are you going to bootstrap the
>> trust? TREZOR is well known, but in a future where there could be 100
>> different companies trying to release a similar product to TREZOR it seems
>> like one company could corner the market by being the only one that is an
>> accepted instant provider at most vendors
>>
>
> It's no different to the CA problem. People can only mentally handle a few
> trust anchors, so for SSL it goes:
>
> 1 User -> 2-3 browser makers -> 100's of CAs -> millions of websites
>
> The trust starts out narrowly funnelled and grows outwards as things get
> outsourced.
>
> For this it'd go
>
> 1 merchant -> 4-5 payment processing engines -> dozens of hardware
> manufacturers -> hundreds of thousands of devices
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140616/c00bb23f/attachment.html>;
Daniel Rice [ARCHIVE] /
npub1mn…3vect
2023-06-07 15:22:48
in reply to nevent1q…84xg
Author Public Key
npub1mn37wn20kd63upafw66dncxceyvfud6ceyjj37st94a9qlnsrweqn3vectPublished at
2023-06-07 15:22:48Event JSON
{
"id": "fd2395f07a8006be851d05b3ae8d7c0844817eccd931ef12ff15878557e7cce6",
"pubkey": "dce3e74d4fb3751e07a976b4d9e0d8c9189e3758c92528fa0b2d7a507e701bb2",
"created_at": 1686151368,
"kind": 1,
"tags": [
[
"e",
"ed0eede28e160c2ef8ddd5af1ee3069fdb0eb5f4c939c1c09a1a5f338c30c628",
"",
"root"
],
[
"e",
"7c04daca4be8ebdf1a6135698740b675b8a9b3b88d26f9b2a3e974d6e48f5285",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "📅 Original date posted:2014-06-16\n📝 Original message:The trust can be more automated in this case than it can with CAs. The\ndifference is that when a CA does something it shouldn't, like generates an\nextra cert for a government to use in spoofing a site, nobody knows about\nit, unless they mess up. Double spends on the network can be monitored and\nstored for history. Merchants can and will share information on instant\nprovider trust with eachother, so they will essentially be able to build up\na credit history on a given instant provider without really knowing who\nthey are.\n\n\nOn Mon, Jun 16, 2014 at 1:46 PM, Mike Hearn \u003cmike at plan99.net\u003e wrote:\n\n\u003e On Mon, Jun 16, 2014 at 10:37 PM, Daniel Rice \u003cdrice at greenmangosystems.com\n\u003e \u003e wrote:\n\u003e\n\u003e\u003e True, that would work, but still how are you going to bootstrap the\n\u003e\u003e trust? TREZOR is well known, but in a future where there could be 100\n\u003e\u003e different companies trying to release a similar product to TREZOR it seems\n\u003e\u003e like one company could corner the market by being the only one that is an\n\u003e\u003e accepted instant provider at most vendors\n\u003e\u003e\n\u003e\n\u003e It's no different to the CA problem. People can only mentally handle a few\n\u003e trust anchors, so for SSL it goes:\n\u003e\n\u003e 1 User -\u003e 2-3 browser makers -\u003e 100's of CAs -\u003e millions of websites\n\u003e\n\u003e The trust starts out narrowly funnelled and grows outwards as things get\n\u003e outsourced.\n\u003e\n\u003e For this it'd go\n\u003e\n\u003e 1 merchant -\u003e 4-5 payment processing engines -\u003e dozens of hardware\n\u003e manufacturers -\u003e hundreds of thousands of devices\n\u003e\n\u003e\n\u003e\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140616/c00bb23f/attachment.html\u003e",
"sig": "5c263daa498d67168b29582ab003873a234ab2c492f886e287c1ca2977ab70ac04dcbc61d33a4c0c1a29b94d90aa17a644989efd34dc0ceeeef3de39be610c97"
}