📅 Original date posted:2014-03-21
📝 Original message:Maybe its time to explore raw ECDSA signed message based certs.
btw I dont think its quite 4kB. eg bitpay's looks to be about 1.5kB in der
format. And they contain a 2048-bit RSA server key, and 2048-bit RSA
signatures (256byte each right there = 512bytes). And even 2048 is weaker
than 256-bit ECDSA.
Adam
On Fri, Mar 21, 2014 at 11:25:59AM +0100, Andreas Schildbach wrote:
>On 03/20/2014 01:12 PM, Adam Back wrote:
>
>> Whats a sensible limit on practical/convenient QR code size?
>
>Technically 3 KB. In my experience codes above 1.5 KB become impossible
>to scan (ZXing scanner, 3 years ago). You will want to stay below 500
>bytes for convenient scanning. That said, I'm convinced there is a lot
>of room for scanning improvements.
>
>> How much of the payment protocol message size comes from use of x509?
>
>As said in the OP, a minimal PR uses 50 bytes. X.509 seems to put about
>4000 bytes on top of that.
>
>As you can see, we have quite some room for improvements to PR payload
>(PaymentDetails). X.509 certification will probably not be possible via
>QR, at least not until specialized CA's will issue space-efficient certs
>(using ECDSA?).
Adam Back [ARCHIVE] /
npub1ac…lswfj
2023-06-07 15:14:22
in reply to nevent1q…mxjd
Author Public Key
npub1ac86vemj7ce5z8jyxt39rna3tvwql6xd30ha3vxcd6esysp23d9qrlswfjPublished at
2023-06-07 15:14:22Event JSON
{
"id": "e6b7ea6f14dd90ea2a509fde025ab62b51547c9d8bb876a1a6d5a0dad7b7eca7",
"pubkey": "ee0fa66772f633411e4432e251cfb15b1c0fe8cd8befd8b0d86eb302402a8b4a",
"created_at": 1686150862,
"kind": 1,
"tags": [
[
"e",
"d70d8d12a406cb1c9a067111bb9c717b35fd85b951e12f89e562fccc2fad4277",
"",
"root"
],
[
"e",
"23f4d24bd1a20049bb704295daab9c333d680e249b59c51324a0a4750f78e171",
"",
"reply"
],
[
"p",
"3215b3d77dff1f84eeb5ad46fb1206a8d1657b3ea765a80b5489ece3a702d2bc"
]
],
"content": "📅 Original date posted:2014-03-21\n📝 Original message:Maybe its time to explore raw ECDSA signed message based certs.\n\nbtw I dont think its quite 4kB. eg bitpay's looks to be about 1.5kB in der\nformat. And they contain a 2048-bit RSA server key, and 2048-bit RSA\nsignatures (256byte each right there = 512bytes). And even 2048 is weaker\nthan 256-bit ECDSA.\n\nAdam\n\nOn Fri, Mar 21, 2014 at 11:25:59AM +0100, Andreas Schildbach wrote:\n\u003eOn 03/20/2014 01:12 PM, Adam Back wrote:\n\u003e\n\u003e\u003e Whats a sensible limit on practical/convenient QR code size?\n\u003e\n\u003eTechnically 3 KB. In my experience codes above 1.5 KB become impossible\n\u003eto scan (ZXing scanner, 3 years ago). You will want to stay below 500\n\u003ebytes for convenient scanning. That said, I'm convinced there is a lot\n\u003eof room for scanning improvements.\n\u003e\n\u003e\u003e How much of the payment protocol message size comes from use of x509?\n\u003e\n\u003eAs said in the OP, a minimal PR uses 50 bytes. X.509 seems to put about\n\u003e4000 bytes on top of that.\n\u003e\n\u003eAs you can see, we have quite some room for improvements to PR payload\n\u003e(PaymentDetails). X.509 certification will probably not be possible via\n\u003eQR, at least not until specialized CA's will issue space-efficient certs\n\u003e(using ECDSA?).",
"sig": "072ba1ea1617c990accae0f7742c196525c64ba83a50481c90019d4e3378f1b6e190692b5e4ae13248f2b805b48fdd77d60e53c65445b2664b59a2c482fb652f"
}