📅 Original date posted:2014-08-19
📝 Original message:-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 08/19/2014 03:30 PM, Richard Moore wrote:
> Oh, I see. I misread, thinking you wanted the dev team to have a
> private key and share the public key, similar to alerts. But each
> peer would have a public/private key pair and use something akin to
> ECDH for a symmetric key and transport using a block cipher?
>
> How would you share the public key? If I were a man-in-the-middle,
> I could intercept the public key, generate my own and pass that
> along and then decouple the pipe when the other side shares their
> public key.
>
> Also, you should not ignore your SSH fingerprint, as you exactly
> open yourself to mitm attacks.
http://curvecp.org
If that's not acceptable, even using TLS with self-signed certificates
would be an improvement.
- --
Support online privacy by using email encryption whenever possible.
Learn how here: http://www.youtube.com/watch?v=bakOKJFtB-k
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCAAGBQJT83Y1AAoJEMP3uyY4RQ21aqUH/3rGvgz3J6UYY2Qb2qzNoucB
QqIj4fByZncX7Fhx5YK6fc6QoLr4Oqxd+zgbJ3ghrLtAJ7dm61iLmmib8MuDz2K1
kQj8xmZhWuUFI26bjK54RlKoWg46XFKNKcaVub6JmVg9dH8mX86mF746KnR5ZqdX
BuehWoEqcHlY3JkrTgOGpHjT/EGScZQxzJHzsBOfUJuX12lFtzcWzBTZyo5K8fD+
6eub3i6Fc4qn/c788UVFsmHeWV+NCeB1/y94V1+peIPWYhrZO+FVm+xEflG4U81Q
MRejqNjFT8ztT5vRHx1qJsmIgnzT0SXfh+FRt0hdqJizjlmyntMmCXjFmtnIeT8=
=9qWl
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x38450DB5.asc
Type: application/pgp-keys
Size: 14046 bytes
Desc: not available
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140819/b2be03df/attachment.bin>;
Justus Ranvier [ARCHIVE] /
npub1k2…9qd6m
2023-06-07 15:25:19
in reply to nevent1q…cftm
Author Public Key
npub1k2eekmevs6gg60df75qpjw4a2atmy89vx28c8zqq5jxy64tuzrws39qd6mPublished at
2023-06-07 15:25:19Event JSON
{
"id": "aec068b7da335d7b4b2f4787d2c012392c2c461c26f1d155e3db13d9f7e852a3",
"pubkey": "b2b39b6f2c86908d3da9f500193abd5757b21cac328f838800a48c4d557c10dd",
"created_at": 1686151519,
"kind": 1,
"tags": [
[
"e",
"f7d80207f3f3e09247c97d3e8c17b8e8b9ffc855be5e4ac09f019815084b2528",
"",
"root"
],
[
"e",
"4abe7b38ff96f17747f1538e3eaed31284168504bc75c93858b6b7cb5f42f528",
"",
"reply"
],
[
"p",
"1981fc26b3575cfe0cdafd51e1cac49a0eda39ffb00379f4981e2e4bc5aeb2c5"
]
],
"content": "📅 Original date posted:2014-08-19\n📝 Original message:-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nOn 08/19/2014 03:30 PM, Richard Moore wrote:\n\u003e Oh, I see. I misread, thinking you wanted the dev team to have a\n\u003e private key and share the public key, similar to alerts. But each\n\u003e peer would have a public/private key pair and use something akin to\n\u003e ECDH for a symmetric key and transport using a block cipher?\n\u003e \n\u003e How would you share the public key? If I were a man-in-the-middle,\n\u003e I could intercept the public key, generate my own and pass that\n\u003e along and then decouple the pipe when the other side shares their\n\u003e public key.\n\u003e \n\u003e Also, you should not ignore your SSH fingerprint, as you exactly\n\u003e open yourself to mitm attacks.\n\nhttp://curvecp.org\n\nIf that's not acceptable, even using TLS with self-signed certificates\nwould be an improvement.\n\n- -- \nSupport online privacy by using email encryption whenever possible.\nLearn how here: http://www.youtube.com/watch?v=bakOKJFtB-k\n-----BEGIN PGP SIGNATURE-----\n\niQEcBAEBCAAGBQJT83Y1AAoJEMP3uyY4RQ21aqUH/3rGvgz3J6UYY2Qb2qzNoucB\nQqIj4fByZncX7Fhx5YK6fc6QoLr4Oqxd+zgbJ3ghrLtAJ7dm61iLmmib8MuDz2K1\nkQj8xmZhWuUFI26bjK54RlKoWg46XFKNKcaVub6JmVg9dH8mX86mF746KnR5ZqdX\nBuehWoEqcHlY3JkrTgOGpHjT/EGScZQxzJHzsBOfUJuX12lFtzcWzBTZyo5K8fD+\n6eub3i6Fc4qn/c788UVFsmHeWV+NCeB1/y94V1+peIPWYhrZO+FVm+xEflG4U81Q\nMRejqNjFT8ztT5vRHx1qJsmIgnzT0SXfh+FRt0hdqJizjlmyntMmCXjFmtnIeT8=\n=9qWl\n-----END PGP SIGNATURE-----\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: 0x38450DB5.asc\nType: application/pgp-keys\nSize: 14046 bytes\nDesc: not available\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140819/b2be03df/attachment.bin\u003e",
"sig": "4cb8bd820f9e24b0964ac5c355aba57254f20c39ae16fbda4cc021ce76d7497da223b6b35896207840d08b498400d2591bd721c0795f20741706f73322a3ce4b"
}