📅 Original date posted:2011-12-19
🗒️ Summary of this message: Proposal to limit trusted CA certificates for Bitcoin client to those with good identity verification practices, but this may limit accessibility.
📝 Original message:On Monday, December 19, 2011 6:44:59 AM Andy Parkins wrote:
> Perhaps we should be more strict about which CA certificates are trusted by
> the bitcoin client: say restrict it to those who have demonstrably good
> practices for verifying identity; rather than the ridiculous amount of
> trust that comes pre-installed for me in my browser.
Accepted CAs is/should be a property of your *operating system*, not any
particular software. Anyhow, restricting this further just makes it even more
unusable. Already there is only 1 or 2 CAs that will provide a gratis
certificate for personal/small users. If you only allow high-class CAs, I
imagine that will restrict "no key in the URI" aliases to those who will fork
over a lot of money.
Luke-Jr [ARCHIVE] /
npub1dt…u7wrs
2023-06-07 02:44:30
in reply to nevent1q…n64m
Author Public Key
npub1dtr22xd42nv07un2xq0rmtkqkjylgsmexau0anxxafa9xmmn2ncshu7wrsPublished at
2023-06-07 02:44:30Event JSON
{
"id": "03993573af906d38599b9052d14fb118b3300afdad25097c6eb3a0b266d959c4",
"pubkey": "6ac6a519b554d8ff726a301e3daec0b489f443793778feccc6ea7a536f7354f1",
"created_at": 1686105870,
"kind": 1,
"tags": [
[
"e",
"247922e9146ee6b54a634fc05ad7a489892c01debcd0510d008be95a47f6db80",
"",
"root"
],
[
"e",
"53a350370126a117dcc97c04c1dfe17f97f5d66aa040eeea7dc1b63860deb09e",
"",
"reply"
],
[
"p",
"308e0d1efb1707ac6b92cd0b19c304882b3919f4bd59336c4a718c159bdcf63b"
]
],
"content": "📅 Original date posted:2011-12-19\n🗒️ Summary of this message: Proposal to limit trusted CA certificates for Bitcoin client to those with good identity verification practices, but this may limit accessibility.\n📝 Original message:On Monday, December 19, 2011 6:44:59 AM Andy Parkins wrote:\n\u003e Perhaps we should be more strict about which CA certificates are trusted by\n\u003e the bitcoin client: say restrict it to those who have demonstrably good\n\u003e practices for verifying identity; rather than the ridiculous amount of\n\u003e trust that comes pre-installed for me in my browser.\n\nAccepted CAs is/should be a property of your *operating system*, not any \nparticular software. Anyhow, restricting this further just makes it even more \nunusable. Already there is only 1 or 2 CAs that will provide a gratis \ncertificate for personal/small users. If you only allow high-class CAs, I \nimagine that will restrict \"no key in the URI\" aliases to those who will fork \nover a lot of money.",
"sig": "d3a34e8944cb207627c0a38f988aae583c2ca84edb15a702ab7c58a0ec566adae85f3a1db365f802273dc9f0d2f5555cf0b44cdec7bb10268f576f0adcf82c70"
}