📅 Original date posted:2012-11-26
📝 Original message:Obviously this LGTM :)
Minor caveat, IMHO we should support all CAs used by the popular
browsers. This ensures no merchant ever finds that their SSL cert they
already own is OK for the web but not for Bitcoin. I don't see a need
to be stricter here, given all it achieves is signing some data in a
way linked with a domain name.
X.509 is pretty baroque indeed, for our use cases it'd not be hard to
do better. In particular, the inability to delegate properly rather
defeats the benefits of chained certificates. For the payment
processor case what you really want to do is take your keys, then
issue a new cert that is specific to signing Bitcoin transactions and
give that to the payment processor secure in the knowledge that they
cannot MITM your secure connections. Unfortunately X.509 wasn't
designed for the web and thus certificates you buy are marked such
that they are not allowed to sign for other certs (due to lack of real
namespace support).
This leads to the idea of redefining the cert chain part of the
protocol like this:
repeated bytes x509_chain = 1;
becomes
message Certificate {
enum Type {
X509 = 1;
}
required Type type = 1;
required bytes data = 2;
}
repeated Certificate cert_chain = 1;
Then if later we want to introduce our own minimal certificate formats
which include features we want, we can add new enum types to do so.
Note that if an old client encounters an invoice with a cert type it
doesn't recognize, it will abort parsing of the message entirely. So
the request to download the invoice should probably include a protocol
version number of some kind so the server knows when it's safe to use
new invoice features.
Mike Hearn [ARCHIVE] /
npub17t…4qgyd
2023-06-07 10:39:28
in reply to nevent1q…e6d4
Author Public Key
npub17ty4mumkv43w8wtt0xsz2jypck0gvw0j8xrcg6tpea25z2nh7meqf4qgydPublished at
2023-06-07 10:39:28Event JSON
{
"id": "39bf469af274cafa9c463f3c8ac57a1b0dbc976260388fd3f24acb47be7f0a34",
"pubkey": "f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2",
"created_at": 1686134368,
"kind": 1,
"tags": [
[
"e",
"f5f2400f8aa8a7067be3d080f096fd7cbfeecdd6e589c178b85b63a9338150a5",
"",
"root"
],
[
"e",
"37531b6f3d9c2a45427f1862465983b1ba28561915f32477b890302c9028f336",
"",
"reply"
],
[
"p",
"857f2f78dc1639e711f5ea703a9fc978e22ebd279abdea1861b7daa833512ee4"
]
],
"content": "📅 Original date posted:2012-11-26\n📝 Original message:Obviously this LGTM :)\n\nMinor caveat, IMHO we should support all CAs used by the popular\nbrowsers. This ensures no merchant ever finds that their SSL cert they\nalready own is OK for the web but not for Bitcoin. I don't see a need\nto be stricter here, given all it achieves is signing some data in a\nway linked with a domain name.\n\nX.509 is pretty baroque indeed, for our use cases it'd not be hard to\ndo better. In particular, the inability to delegate properly rather\ndefeats the benefits of chained certificates. For the payment\nprocessor case what you really want to do is take your keys, then\nissue a new cert that is specific to signing Bitcoin transactions and\ngive that to the payment processor secure in the knowledge that they\ncannot MITM your secure connections. Unfortunately X.509 wasn't\ndesigned for the web and thus certificates you buy are marked such\nthat they are not allowed to sign for other certs (due to lack of real\nnamespace support).\n\nThis leads to the idea of redefining the cert chain part of the\nprotocol like this:\n\n repeated bytes x509_chain = 1;\n\nbecomes\n\n message Certificate {\n enum Type {\n X509 = 1;\n }\n required Type type = 1;\n required bytes data = 2;\n }\n\n repeated Certificate cert_chain = 1;\n\nThen if later we want to introduce our own minimal certificate formats\nwhich include features we want, we can add new enum types to do so.\n\nNote that if an old client encounters an invoice with a cert type it\ndoesn't recognize, it will abort parsing of the message entirely. So\nthe request to download the invoice should probably include a protocol\nversion number of some kind so the server knows when it's safe to use\nnew invoice features.",
"sig": "931eeaef006d143819e624af8416854abb6053d7bcf54e9e4977a277c3a65009be94a0ae70c471a370f300a16cf04c7a3855d06b4bd114a016010a3926b4d00b"
}