Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-05-25 Thread Jonas Schnelli via bitcoin-dev
>> Good point. >> I have mentioned this now in the BIP but I think the BIP should allow >> message > 16 MiB. >> I leave the max. message length up to the implementation while keeping >> the 4 byte length on the protocol level. > > I expect the implementation defined max size to work (SSH 2.0

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-05-24 Thread Lee Clagett via bitcoin-dev
On Wed, 18 May 2016 10:00:44 +0200 Jonas Schnelli via bitcoin-dev wrote: > Hi Lee > > Thank you very much for the valuable input. > I'm still processing your feedback [...] > > Why have a fixed MAC length? I think the MAC length should be > >

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-05-18 Thread Jonas Schnelli via bitcoin-dev
Hi Lee Thank you very much for the valuable input. I'm still processing your feedback > > *Key Revocation* > This is probably too complicated, but an additional public key would > allow for cold-storage key revocation. Spreading the knowledge of such > an event is always painful, but it

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-04-09 Thread Lee Clagett via bitcoin-dev
On Fri, 1 Apr 2016 23:09:47 +0200 Jonas Schnelli via bitcoin-dev wrote: > > I have just PRed a draft version of two BIPs I recently wrote. > > https://github.com/bitcoin/bips/pull/362 > > Hi. > I just updated the PR above with another overhaul of the BIP.

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-27 Thread Jonas Schnelli via bitcoin-dev
> I guess my question didn't get across. > > Why would you want to make your usecase do connections over the > peer2peer > (net.cpp) connection at all? > > Mixing messages that are being sent to everyone and encrypted > messages is > asking for trouble. > Making

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-26 Thread Jonas Schnelli via bitcoin-dev
> I guess my question didn't get across. > > Why would you want to make your usecase do connections over the peer2peer > (net.cpp) connection at all? First, because there _are_ a hight amount of SPV wallets in the field. SPV wallets are "dumb-clients" with only a tiny value for the bitcoin

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-26 Thread Tom via bitcoin-dev
On Friday 25 Mar 2016 19:43:00 Jonas Schnelli via bitcoin-dev wrote: > An encrypted channel together with a trusted full node would finally > allow to have a secure and save SPV communication. I guess my question didn't get across. Why would you want to make your usecase do connections over the

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-25 Thread Tom via bitcoin-dev
On Thursday 24 Mar 2016 13:20:48 Chris via bitcoin-dev wrote: > As far as the use cases others mentioned, connecting and SPV wallet to > your full node is certainly one. It would make it easy to, say, connect > the android bitcoin-wallet to your own node. I've hacked on that wallet > to make it

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-25 Thread Lee Clagett via bitcoin-dev
On Wed, 23 Mar 2016 16:24:12 +0100 Jonas Schnelli via bitcoin-dev wrote: > Hi > > I have just PRed a draft version of two BIPs I recently wrote. > https://github.com/bitcoin/bips/pull/362 > > Two BIPs that addresses the problem of decoupling

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-24 Thread Chris via bitcoin-dev
Thanks for doing some work on this Jonas. It's something I've been interested in for a while. I haven't had an opportunity to read the bips but I will do so soon and comment. As far as the use cases others mentioned, connecting and SPV wallet to your full node is certainly one. It would make it

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-23 Thread Sergio Demian Lerner via bitcoin-dev
It seems that every message must be signed (the protocols lacks MACs). This can be very resource consuming in terms of CPU and bandwidth since most p2p messages are small. On Wed, Mar 23, 2016 at 5:36 PM, Tom via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > On Wednesday 23 Mar

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-23 Thread Jonas Schnelli via bitcoin-dev
>> I have just PRed a draft version of two BIPs I recently wrote. >> https://github.com/bitcoin/bips/pull/362 > > I suggest running a spellchecker ;) Thanks. Will do. > * why would you not allow encryption on non-pre-approved connections? The encryption should be optional. The proposed

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-23 Thread Eric Voskuil via bitcoin-dev
On 03/23/2016 01:36 PM, Tom via bitcoin-dev wrote: > On Wednesday 23 Mar 2016 16:24:12 Jonas Schnelli via bitcoin-dev wrote: > * why would you not allow encryption on non-pre-approved connections? Agree > * we just removed (ssl) encryption from the JSON interface, how do you > suggest > this

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-23 Thread Tom via bitcoin-dev
On Wednesday 23 Mar 2016 16:24:12 Jonas Schnelli via bitcoin-dev wrote: > Hi > > I have just PRed a draft version of two BIPs I recently wrote. > https://github.com/bitcoin/bips/pull/362 I suggest running a spellchecker ;) Some questions; * why would you not allow encryption on

Re: [bitcoin-dev] p2p authentication and encryption BIPs

2016-03-23 Thread Tier Nolan via bitcoin-dev
There is probably not much loss due to per message encryption. Even if a MITM determined that a message was an inv message (or bloom filter message), it wouldn't be able to extract much information. Since the hashes in those messages are fixed size, there is very little leakage. You could make