There have been proposals to use the blockchain to establish
"identities". firstbits is a simple example. I would like to announce a
project that extends this idea to turn the blockchain into a "root CA"
that can sign arbitrary certificates. The purpose is to use these
certificates in the payment protocol, where some might consider
traditional centralized root CAs unsatisfactory. 

Code is here:

Technical specification and full-length examples are found in the wiki.
I therefore spare myself from repeating the details here, even though,
of course, discussion about those details is welcome on this list.

Excerpt from follows:

First, we have drafted a quite general specification for bitcoin certificates 
(protobuf messages) that allow for a variety of payment protocols (e.g. static 
as well as customer-side-generated payment addresses).
This part has surely been done elsewhere as well and is orthogonal to the goal 
of this project.
What is new here is the signatures _under_ the certificates.

We have patched the bitcoind to handle certificates, submit signatures to the 
blockchain, verify certificates against the blockchain, pay directly to 
certificates (with various payment methods), revoke certificates.
Signatures in the blockchain are stored entirely in the UTXO set (i.e. the 
unspend, unprunable outputs). 
This seems to make signature lookup and verification reasonably fast: 
it took us 10s in the mainnet test we performed (lookup is instant on the 
testnet, of course).

Payment methods include: static bitcoin addresses, client-side derived
payment addresses (pay-to-contract), pay-to-contract with multisig destinations 

Full-length real-world examples for all payment methods are provided in the 
tutorial pages.
These examples have actually been carried out on testnet3.

For further details and specifications see the wiki.

timo hanke

Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013 
and get the hardware for free! Learn more.
Bitcoin-development mailing list

Reply via email to