On Wed, Jul 16, 2014 at 7:25 AM, Jeff Garzik <jgar...@bitpay.com> wrote: > On the specific issue I raised, the BIP only says "Querying multiple > nodes and combining their answers can be a partial solution to this" > which is not very helpful advice. That's a partial answer to my > question #2 with zero response for question #3. > > This sort of thing really needs a warning label like "use only if you > don't have a trusted solution" and discussion of that choice is > completely absent (question #1).
In IETF documents there is a required security considerations section, see http://tools.ietf.org/html/bcp72 In many of our documents the whole thing is a security consideration but for ones like these we should probably always document the weaknesses as set out from the rest of the document. See how BIP32 enumerates the one-private-key-breaks the chain. On this point the getutxos document is doing well. Perhaps breaking some things out of the auth section into a security / security-limitations section. In particular, can this document specifically call out that a local network attacker can MITM all the peers. (If Mike would prefer, I can send a diff with proposed changes) ------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
