📅 Original date posted:2012-11-26
📝 Original message:On Monday, November 26, 2012 11:16:03 PM Mike Hearn wrote:
> They could be included as well of course, but from a seller
> perspective the most important thing is consistency. You have to be
> able to predict what CAs the user has, otherwise your invoice would
> appear in the UI as unverified and is subject to manipulation by
> viruses, etc.
That's expected behaviour - except it's mainly be manipulated by *users*, not
viruses (which can just as easily manipulate whatever custom cert store we
use). If I don't trust Joe's certs, I don't want Bitcoin overriding that no
matter who Joe is or what connections he has.
> So using the OS cert store would effectively restrict merchants to the
> intersection of what ships in all the operating systems their users
> use, which could be unnecessarily restrictive. As far as I know, every
> browser has its own cert store for that reason.
Browsers with this bug are not relevant IMO.
Luke-Jr [ARCHIVE] /
npub1dt…u7wrs
2023-06-07 10:39:37
in reply to nevent1q…7c6s
Author Public Key
npub1dtr22xd42nv07un2xq0rmtkqkjylgsmexau0anxxafa9xmmn2ncshu7wrsPublished at
2023-06-07 10:39:37Event JSON
{
"id": "68b42853a7ad0b1dfb7080ebc54b0967936f9f82d8609ac2de4f215f1ea135ac",
"pubkey": "6ac6a519b554d8ff726a301e3daec0b489f443793778feccc6ea7a536f7354f1",
"created_at": 1686134377,
"kind": 1,
"tags": [
[
"e",
"f5f2400f8aa8a7067be3d080f096fd7cbfeecdd6e589c178b85b63a9338150a5",
"",
"root"
],
[
"e",
"ecb6065a6eb210e975dc37efc0d9071620a7188ffb8199818f420f496ac923cd",
"",
"reply"
],
[
"p",
"f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2"
]
],
"content": "📅 Original date posted:2012-11-26\n📝 Original message:On Monday, November 26, 2012 11:16:03 PM Mike Hearn wrote:\n\u003e They could be included as well of course, but from a seller\n\u003e perspective the most important thing is consistency. You have to be\n\u003e able to predict what CAs the user has, otherwise your invoice would\n\u003e appear in the UI as unverified and is subject to manipulation by\n\u003e viruses, etc.\n\nThat's expected behaviour - except it's mainly be manipulated by *users*, not \nviruses (which can just as easily manipulate whatever custom cert store we \nuse). If I don't trust Joe's certs, I don't want Bitcoin overriding that no \nmatter who Joe is or what connections he has.\n\n\u003e So using the OS cert store would effectively restrict merchants to the\n\u003e intersection of what ships in all the operating systems their users\n\u003e use, which could be unnecessarily restrictive. As far as I know, every\n\u003e browser has its own cert store for that reason.\n\nBrowsers with this bug are not relevant IMO.",
"sig": "28b076e67626f0219734bb4a498999ca2fe2e9c96a65c8f6f5b9efcfbd5322f9e5746595568ef41b06f34d33345befded5b21c53ca9a26dd1a20d3e6a48e93ac"
}