📅 Original date posted:2014-03-20
📝 Original message:Encoding entire payment requests into qrcodes is definitely not the way to
go. They can already be large when signed and we're just at the start of
adding features.
Finishing off and standardising the bluetooth support is the way to go
(r=bt:mac). Andreas' app already has some support for this I believe, so
Alex you could prototype with that, but we need to:
1) Add an encryption/auth layer on top, because it runs over RFCOMM
sockets. The authentication would require proof of owning the Bitcoin key
that's in the address part of the URI (which is needed for backwards compat
anyway).
2) Write a BIP for it and make sure it's interoperable
For the auth layer we could either use SSL and then just ignore the server
certificate and require signing of the session public key with the Bitcoin
key, which should be easy to code up but is rather heavy on the air, or
roll a custom lightweight thing where we just do a basic ECDH, with the
servers key being the same as the address key. But rolling such protocols
is subtle and I guess it'd need to be reviewed by people familiar with such
things.
This feels like a good opportunity to grow the community - perhaps we can
find a volunteer in the forums who enjoys crypto.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140320/ad3cb0fd/attachment.html>