[Bitcoin-development] [BIP 15] Aliases

Luke-Jr luke at dashjr.org
Mon Dec 19 16:35:32 UTC 2011


On Monday, December 19, 2011 6:44:59 AM Andy Parkins wrote:
> Perhaps we should be more strict about which CA certificates are trusted by
> the bitcoin client: say restrict it to those who have demonstrably good
> practices for verifying identity; rather than the ridiculous amount of
> trust that comes pre-installed for me in my browser.

Accepted CAs is/should be a property of your *operating system*, not any 
particular software. Anyhow, restricting this further just makes it even more 
unusable. Already there is only 1 or 2 CAs that will provide a gratis 
certificate for personal/small users. If you only allow high-class CAs, I 
imagine that will restrict "no key in the URI" aliases to those who will fork 
over a lot of money.




More information about the bitcoin-dev mailing list