I think it's worth pondering the different things we may want in future, even if that future is quite far out, just to ensure we have a robust design that won't box us in later. Brainstorming feature ideas now doesn't commit anyone to implementing them, but it may help improve the final v1 design.
> + Bitcoin addresses by themselves are insecure against man-in-the-middle > attacks. A simple way to solve this problem is just use the SSL identity of the server that is taking part in the protocol, but it's not much harder to embed a signature + cert chain into the invoice itself. And once you're doing that, allowing several different sigs/cert chains is pretty easy. It means you keep the design open to cases where SSL may not be appropriate. Eg, you could create invoices signed by your web-of-trust identity, or some non-SSL Bitcoin specific verification system. None of those things have to actually be implemented, but by considering them now we can make the protocol more future prooof. > + After sending payment I should have a receipt that proves I followed the > payee's instructions, so if the payee says they never received the funds I > can prove that it wasn't my fault. A signed invoice + the blockchain transactions does this, BUT with a major caveat: if you have not set up dispute mediation, there is nobody to prove faultlessness to. So I'm not sure this would be very useful. Supporting real dispute mediation seems more practical, but also more work. > + Protocol for gathering signatures from multiple devices > (extension/variation of the basic payment protocol, I think). This would be nice, I think invoices could be wrapped by another protocol that handles it. I'm not sure it needs to be a part of the core payment protocol. There are lots of different ways to implement this and I'm not sure there's agreement on what it should look like - somebody needs to build a "proprietary" implementation first. ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development