š
Original date posted:2011-07-30
šļø Summary of this message: The author offers patches for DNS lookup, but suggests a standardized HTTPS protocol for Bitcoin URI containing a domain name for better usability.
š Original message:I'm offering patches for DNS lookup, which seems good enough to locate
the irc server but not good enough for the folks that use copy/paste.
from a usability standpoint, the clipboard isn't a UI element in flow
design. Its also subject to MITM attacks for the most popular OSes.
Finally, think beyond you and your friends to how you can buy coffee
at starbucks easier and faster than with a starbucks card. Thats how
you make successful apps and protocols.
Has anyone offered to write the mythical
https-address-resolver-easy-button for bitcoind?
-rick
On Sat, Jul 30, 2011 at 4:34 AM, Mike Hearn <mike at plan99.net> wrote:
> This was already discussed on the forums, but clear use cases would be helpful.
>
> I originally thought this feature seemed like a no-brainer, but
> randomly emailing money to people out of the blue is not a very common
> operation. You almost always have contact with them first, if only to
> say "hey, I'm going to send you some money", but more commonly to
> figure out how much you're going to pay and what for.
>
> Once you have communication, providing an address in-band isn't very
> hard, and it has the advantage of always working. Doing anything with
> DNS or magic HTTPS endpoints means that 90% of the time, your feature
> *will not work* (eg it won't work for any gmail/yahoo/hotmail account)
> and users will rapidly learn not to bother trying as they have no way
> of knowing if any given address will work or not.
>
> It's not smart UI design to provide users with a feature that will
> normally never work, and for which they can't even guess at whether it
> will.
>
> What would be better to see is a standardized (probably HTTPS based)
> protocol in which a Bitcoin URI could contain a domain name, and then
> your client would challenge the domain to sign a nonce with the key
> corresponding to the address (or raw pubkey). This means in your
> client the payment can be rendered and recorded as a payment to
> "foobar.com", which is much more helpful. That protocol could then be
> extended to support "user at foobar.com" type challenges so when a
> bitcoin: link is provided, the server is challenged to prove ownership
> by that user of that public key. It means the details are hidden and
> when the feature is present, the UI gets silently better, but there's
> never any demand on any users to do anything different. The "copy
> Bitcoin address" button in the UI can provide the clipboard with both
> text/plain and text/html content so the right one is picked depending
> on context.
>
Rick Wesson [ARCHIVE] /
npub1xzā¦2925u
2023-06-07 02:07:43
in reply to nevent1qā¦8jtt
Author Public Key
npub1xz8q68hmzur6c6uje593nscy3q4njx05h4vnxmz2wxxptx7u7casl2925uPublished at
2023-06-07 02:07:43Event JSON
{
"id": "1a6a92f2b9d8773b4b8ddef55e93df0435c40ada6ad02b8719510818d7d12c13",
"pubkey": "308e0d1efb1707ac6b92cd0b19c304882b3919f4bd59336c4a718c159bdcf63b",
"created_at": 1686103663,
"kind": 1,
"tags": [
[
"e",
"8fd54e24bd93fd7d9d848a64b03950f07049907bb67ea5380cfd81c7de7d119c",
"",
"root"
],
[
"e",
"38dc4642c82e54b793722beadd7d53b35c423e8d22c88dcdeea01204d27d951b",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "š
Original date posted:2011-07-30\nšļø Summary of this message: The author offers patches for DNS lookup, but suggests a standardized HTTPS protocol for Bitcoin URI containing a domain name for better usability.\nš Original message:I'm offering patches for DNS lookup, which seems good enough to locate\nthe irc server but not good enough for the folks that use copy/paste.\n\nfrom a usability standpoint, the clipboard isn't a UI element in flow\ndesign. Its also subject to MITM attacks for the most popular OSes.\n\nFinally, think beyond you and your friends to how you can buy coffee\nat starbucks easier and faster than with a starbucks card. Thats how\nyou make successful apps and protocols.\n\nHas anyone offered to write the mythical\nhttps-address-resolver-easy-button for bitcoind?\n\n-rick\n\n\nOn Sat, Jul 30, 2011 at 4:34 AM, Mike Hearn \u003cmike at plan99.net\u003e wrote:\n\u003e This was already discussed on the forums, but clear use cases would be helpful.\n\u003e\n\u003e I originally thought this feature seemed like a no-brainer, but\n\u003e randomly emailing money to people out of the blue is not a very common\n\u003e operation. You almost always have contact with them first, if only to\n\u003e say \"hey, I'm going to send you some money\", but more commonly to\n\u003e figure out how much you're going to pay and what for.\n\u003e\n\u003e Once you have communication, providing an address in-band isn't very\n\u003e hard, and it has the advantage of always working. Doing anything with\n\u003e DNS or magic HTTPS endpoints means that 90% of the time, your feature\n\u003e *will not work* (eg it won't work for any gmail/yahoo/hotmail account)\n\u003e and users will rapidly learn not to bother trying as they have no way\n\u003e of knowing if any given address will work or not.\n\u003e\n\u003e It's not smart UI design to provide users with a feature that will\n\u003e normally never work, and for which they can't even guess at whether it\n\u003e will.\n\u003e\n\u003e What would be better to see is a standardized (probably HTTPS based)\n\u003e protocol in which a Bitcoin URI could contain a domain name, and then\n\u003e your client would challenge the domain to sign a nonce with the key\n\u003e corresponding to the address (or raw pubkey). This means in your\n\u003e client the payment can be rendered and recorded as a payment to\n\u003e \"foobar.com\", which is much more helpful. That protocol could then be\n\u003e extended to support \"user at foobar.com\" type challenges so when a\n\u003e bitcoin: link is provided, the server is challenged to prove ownership\n\u003e by that user of that public key. It means the details are hidden and\n\u003e when the feature is present, the UI gets silently better, but there's\n\u003e never any demand on any users to do anything different. The \"copy\n\u003e Bitcoin address\" button in the UI can provide the clipboard with both\n\u003e text/plain and text/html content so the right one is picked depending\n\u003e on context.\n\u003e",
"sig": "9b98cb9649a11a65a77b1b0474d8a0e2e382dafe389e076cc0482da4def7abb821a4041a548b117250668d63b37eb1ce7a7aa6ee9715b07a55c0a5404d047234"
}