Re: [Bitcoin-development] BIP72 amendment proposal
On Fri, Sep 12, 2014 at 10:59 PM, Mark van Cuijk m...@coinqy.com wrote: If you do so, please make sure the length of the hash is included in the PaymentDetails/PaymentRequest. If someone parses the URI and doesn’t have an authenticated way of knowing the expected length of the hash, a MITM attacker can just truncate the hash to lower security. But if they can truncate they can just as well pass a completely different hash that matches their payment request. If an attacker can change the bitcoin: URI, this scheme is broken. The point of the proposal is to make sure that the payment request matches the URI. So *if* you communicate the URI by secure means, this authenticates the associated payment request as well, even if fetched by insecure means (such as http:...) itself. Wladimir -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
[Bitcoin-development] Does anyone have anything at all signed by Satoshi's PGP key?
So far I have zero evidence that the common claim that Satoshi PGP signed everything was true; I have no evidence he ever cryptographically signed any communications at all. -- 'peter'[:-1]@petertodd.org 0ce4f740fb700bb8a9ed859ac96ac9871567a20fca07f76a signature.asc Description: Digital signature -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] Small update to BIP 62
On Fri, Sep 12, 2014 at 6:35 PM, Pieter Wuille pieter.wui...@gmail.com wrote: Changes: https://github.com/bitcoin/bips/pull/102/files Gregory, Jeff: does this address your concerns? Others: comments? I've made another change in the PR, as language about strictly only compressed or uncompressed public keys was missing; please have a look. -- Pieter -- Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191iu=/4140/ostg.clktrk ___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development