đ
Original date posted:2011-12-15
đď¸ Summary of this message: The BIP15 standard should set the format of the client-server conversation, not the URI format, as interaction is necessary for generating temporary addresses. An aliasing server can give a single, unchanging, well-known label to a transacting party, but still enable that party to generate a new address per transaction. Anonymity is already lost in a supplier-client relationship, and any aliasing scheme necessarily reduces anonymity.
đ Original message:On 2011 December 15 Thursday, Walter Stanish wrote:
> > Andy sounded very convincing when talking in favor of URLs. What's
> > wrong with his proposal?
>
> A URI identifies a resource and is in effect an alias itself.
> Identifying a resource is different from interacting with it. So,
> while <resource-type>://<resource-type-specific-alias> will work
> sufficiently for the identification, it does not explain the
> interaction.
Quite so; the BIP15 standard shouldn't be setting the format of the URI; it
should be setting what the format of the client-server conversation is.
Effectively, what headers will a requesting client send? What headers should
a server require? What will a server respond?
> Interaction is a requirement, since there seems to be a widely felt
> need to preserve anonymity through the use of temporary addresses.
I think that's missing the point; any aliasing scheme is definitely reducing
your anonymity, neccessarily so -- the alias has to be looked up somewhere,
that somewhere reduces anonymity. If anonymity is what you want, stick with
just a bitcoin address. The point of an aliasing server is surely to be able
to give a single, unchanging, well known label to a transacting party, but
still enable that party to generate a new address per transaction.
I want my webshop to be able to say "please pay 3.20 BTC to
https://mywebshop.com/payments/orderid=27282"; to enable the automatic
connection from orderid to bitcoin address (which my payment system can then
monitor for payment receipt). (This is just one example).
> Generating a temporary address requires some actual processing to
> achieve, since the issuing of the new address cannot be done without
> interacting with the entity hosting the wallet (unless I'm missing
> something?).
Well yes; but then the client has no idea what address to send to unless it
connects to that URI... interaction/address generation is done when that
connection is made.
In short: I don't really think that this aliasing system should be concerning
itself with preserving anonymity of the receiving party. That is almost
certainly already gone (I'm hardly likely to send money to someone I don't
know unless I like gifting random cash). The sending party loses a little
anonymity because their IP is revealed when they connect to the aliasing
system. But there is very little anonymity in a supplier-client relationship
anyway (you have to say what goods you want, and where you want them, and you
had to interact with a website when you were ordering already).
Andy
--
Dr Andy Parkins
andyparkins at gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20111215/74e9c385/attachment.sig>;
Andy Parkins [ARCHIVE] /
npub1nxâŚ7wjrv
2023-06-07 02:47:22
in reply to nevent1qâŚqjdp
Author Public Key
npub1nxlvf9mj3jzgue25n5d9y47s3h5hvg0ded9hwpejdxj9mtrs34vs97wjrvSeen on
wss://relay.nostr.bandPublished at
2023-06-07 02:47:22Event JSON
{
"id": "8bae1f45c00b3f11e04b398dd88dfae25e84fe13a4d55ed61eb7314172186c39",
"pubkey": "99bec497728c848e65549d1a5257d08de97621edcb4b77073269a45dac708d59",
"created_at": 1686106042,
"kind": 1,
"tags": [
[
"e",
"f45e7ca88e6eb3dd1e645e8e3cbb476c5b24e8003cb71eebe205594bb2a4d152",
"",
"root"
],
[
"e",
"6cfc2737f34c9c611a2baddb2c42370c9852f6b513cfe30e715603d01f2f9476",
"",
"reply"
],
[
"p",
"77979142f3407f28a5a71956e33342e486ee981e614e0d2ea36ddaf27b8a5a67"
]
],
"content": "đ
Original date posted:2011-12-15\nđď¸ Summary of this message: The BIP15 standard should set the format of the client-server conversation, not the URI format, as interaction is necessary for generating temporary addresses. An aliasing server can give a single, unchanging, well-known label to a transacting party, but still enable that party to generate a new address per transaction. Anonymity is already lost in a supplier-client relationship, and any aliasing scheme necessarily reduces anonymity.\nđ Original message:On 2011 December 15 Thursday, Walter Stanish wrote:\n\n\u003e \u003e Andy sounded very convincing when talking in favor of URLs. What's\n\u003e \u003e wrong with his proposal?\n\u003e \n\u003e A URI identifies a resource and is in effect an alias itself.\n\u003e Identifying a resource is different from interacting with it. So,\n\u003e while \u003cresource-type\u003e://\u003cresource-type-specific-alias\u003e will work\n\u003e sufficiently for the identification, it does not explain the\n\u003e interaction.\n\nQuite so; the BIP15 standard shouldn't be setting the format of the URI; it \nshould be setting what the format of the client-server conversation is. \nEffectively, what headers will a requesting client send? What headers should \na server require? What will a server respond?\n\n\u003e Interaction is a requirement, since there seems to be a widely felt\n\u003e need to preserve anonymity through the use of temporary addresses.\n\nI think that's missing the point; any aliasing scheme is definitely reducing \nyour anonymity, neccessarily so -- the alias has to be looked up somewhere, \nthat somewhere reduces anonymity. If anonymity is what you want, stick with \njust a bitcoin address. The point of an aliasing server is surely to be able \nto give a single, unchanging, well known label to a transacting party, but \nstill enable that party to generate a new address per transaction.\n\nI want my webshop to be able to say \"please pay 3.20 BTC to \nhttps://mywebshop.com/payments/orderid=27282\" to enable the automatic \nconnection from orderid to bitcoin address (which my payment system can then \nmonitor for payment receipt). (This is just one example).\n\n\u003e Generating a temporary address requires some actual processing to\n\u003e achieve, since the issuing of the new address cannot be done without\n\u003e interacting with the entity hosting the wallet (unless I'm missing\n\u003e something?).\n\nWell yes; but then the client has no idea what address to send to unless it \nconnects to that URI... interaction/address generation is done when that \nconnection is made.\n\nIn short: I don't really think that this aliasing system should be concerning \nitself with preserving anonymity of the receiving party. That is almost \ncertainly already gone (I'm hardly likely to send money to someone I don't \nknow unless I like gifting random cash). The sending party loses a little \nanonymity because their IP is revealed when they connect to the aliasing \nsystem. But there is very little anonymity in a supplier-client relationship \nanyway (you have to say what goods you want, and where you want them, and you \nhad to interact with a website when you were ordering already).\n\n\n\nAndy\n-- \nDr Andy Parkins\nandyparkins at gmail.com\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 198 bytes\nDesc: This is a digitally signed message part.\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20111215/74e9c385/attachment.sig\u003e",
"sig": "94f2830929e50043d6344138c9f78bcb8c876734a61dca3c05c242af2d630b73d95ba9e4fb6b6bcc8cff60fe57cd589f5888c017722bf9bb3a9afff9089115ce"
}