gmaxwell noted on IRC that enabling TLS could be functionally, if not literally, a DoS on the pool servers. Hence the thought towards a more lightweight method that simply prevents client payout redirection + server impersonation.
On Fri, Aug 8, 2014 at 5:53 AM, Mike Hearn <m...@plan99.net> wrote: >> Certificate validation isn't needed unless the attacker can do a direct >> MITM >> at connection time, which is a lot harder to maintain than injecting a >> client.reconnect. > > > Surely the TCP connection will be reset once the route reconfiguration is > completed, either by the MITM server or by the client TCP stack when it > discovers the server doesn't know about the connection anymore? > > TLS without cert validation defeats the point, you can still be connected to > a MITM at any point by anyone who can simply interrupt or corrupt the > stream, forcing a reconnect. > > ------------------------------------------------------------------------------ > Want fast and easy access to all the code in your enterprise? Index and > search up to 200,000 lines of code with a free copy of Black Duck > Code Sight - the same software that powers the world's largest code > search on Ohloh, the Black Duck Open Hub! Try it now. > http://p.sf.net/sfu/bds > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > -- Jeff Garzik Bitcoin core developer and open source evangelist BitPay, Inc. https://bitpay.com/ ------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
