> Personally, I'd like to see fewer implicit ties to X509. With X509 as one > option.
That's pretty much what we have today - in future other schemes can be proposed as extensions. Protocol buffers are easily extended, they ignore unknown fields. Then you'd wait and see what the invoice request looked like and produce an invoice with the right security bits. > In particular two additional identification types: > > - GnuPG (obviously) It's not obvious to me, incidentally. The web of trust has been dead-on-arrival since it was first proposed, and for good reasons. SSL/X.509, for better or worse, has significant usage. Your case of a small business is a perfect example of people who won't be using GPG. If they don't want to buy an SSL cert, they can just as well put a reference number in the memo field or a "Hey Bob, here is the bill we discussed". The payer does not get the multi-factor auth protection so if their computer has a virus, they may be hosed. But that's good incentive for sellers to get verified. Some CA authorities do it for free these days. ------------------------------------------------------------------------------ Monitor your physical, virtual and cloud infrastructure from a single web console. Get in-depth insight into apps, servers, databases, vmware, SAP, cloud infrastructure, etc. Download 30-day Free Trial. Pricing starts from $795 for 25 servers or applications! http://p.sf.net/sfu/zoho_dev2dev_nov _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
