๐
Original date posted:2014-08-19
๐ Original message:The concern is that if you can monitor traffic in and out of a single
node, you can determine which transactions originate from it vs those
which it relays. That's not great, certainly, but how many nodes
actually require that level of security, and surely they can use Tor or
VPN services if so?
Further, unless the remote nodes are in some way trusted, you're
changing the attack from read-only to requiring the ability to perform
a man in the middle attack - that doesn't seem much harder to me.
As Gregory states, there's been at least two recent serious if not
catastrophic OpenSSL bugs, and the consequences of Heartbleed if the
Bitcoin network had been vulnerable are the stuff of nightmares.
Very difficult to see the risk/reward payoff being worthwhile.
Ross
On 19/08/2014 18:35, Johnathan Corgan wrote:
> On 08/19/2014 09:38 AM, Gregory Maxwell wrote:
>
>> We've dodged several emergency scale vulnerabilities by not having TLS.
> I'm still trying to understand the original premise that we want
> encrypted communications between nodes.
>
> I can certainly see the value of having *authenticated* traffic with
> specific nodes, using an HMAC for the protocol messages in place of the
> current checksum.
>
>
>
> ------------------------------------------------------------------------------
>
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140820/19313167/attachment.html>