Gavin Andresen [ARCHIVE] on Nostr: 📅 Original date posted:2012-11-27 📝 Original message:RE: SignedReceipt: I agree ...
📅 Original date posted:2012-11-27
📝 Original message:RE: SignedReceipt: I agree it is superfluous. I'll remove it from the spec.
RE: "it is controversial use of the host key to use it for digital
signing of documents" : The idea of embedding a x509 certificate
chain comes from the IETF's JSON Object Signing and Encryption working
group "JWS" specification, so I can't be TOO controversial.
RE: the ifex-project and other electronic invoicing standards: Thanks
for the pointers, Walter! I'm all for adopting the best ideas that
have come before, as long as we end up with something useful and small
enough to convince ourselves it is as secure as we can make it. I
looked at the ifex spec, and quickly got lost. It would help me if you
could write up what our motivating use cases would look like if
implemented on top of ifex.
RE: jgarzik's suggestion to allow txids in the Payment: that worries
me, because it is trivial to create several different variations of
the same transaction (same inputs to same outputs) with different
txids (re-signing inputs uses a different signature nonce, which
changes the signature/txid, for example).
RE: using self-signed certificates: as Mike said, I assume Bitcoin
clients will have some way of managing root certificates, so experts
could add trusted self-signed certs.
--
--
Gavin Andresen
Published at
2023-06-07 10:41:10Event JSON
{
"id": "e69cb8e0aba8e9b42851e3e2338b1d848c7bf1ff06f574074ab7d10e3dcbeec6",
"pubkey": "857f2f78dc1639e711f5ea703a9fc978e22ebd279abdea1861b7daa833512ee4",
"created_at": 1686134470,
"kind": 1,
"tags": [
[
"e",
"f5f2400f8aa8a7067be3d080f096fd7cbfeecdd6e589c178b85b63a9338150a5",
"",
"root"
],
[
"e",
"06892a7b6310903fe297d2dcaf0f5f4457183279d2890b1102d4c67199e5b0f8",
"",
"reply"
],
[
"p",
"9e3c76fd7eb862ca37f150391debc7baa4f8423eaa3f894c476a7d4360de9a02"
]
],
"content": "📅 Original date posted:2012-11-27\n📝 Original message:RE: SignedReceipt: I agree it is superfluous. I'll remove it from the spec.\n\nRE: \"it is controversial use of the host key to use it for digital\nsigning of documents\" : The idea of embedding a x509 certificate\nchain comes from the IETF's JSON Object Signing and Encryption working\ngroup \"JWS\" specification, so I can't be TOO controversial.\n\nRE: the ifex-project and other electronic invoicing standards: Thanks\nfor the pointers, Walter! I'm all for adopting the best ideas that\nhave come before, as long as we end up with something useful and small\nenough to convince ourselves it is as secure as we can make it. I\nlooked at the ifex spec, and quickly got lost. It would help me if you\ncould write up what our motivating use cases would look like if\nimplemented on top of ifex.\n\nRE: jgarzik's suggestion to allow txids in the Payment: that worries\nme, because it is trivial to create several different variations of\nthe same transaction (same inputs to same outputs) with different\ntxids (re-signing inputs uses a different signature nonce, which\nchanges the signature/txid, for example).\n\nRE: using self-signed certificates: as Mike said, I assume Bitcoin\nclients will have some way of managing root certificates, so experts\ncould add trusted self-signed certs.\n\n-- \n--\nGavin Andresen",
"sig": "c0d24064c8fc05de9433bcd94beec264eb07d95e16268446620624911e575c0c06aab2e80f48f2243a4cdedde8db249f4661473d15450448a2044505faa2c511"
}