[Bitcoin-development] Draft BIP for seamless website authentication using Bitcoin address
Eric Larchevêque
elarch at gmail.com
Fri Apr 4 15:09:08 UTC 2014
On Fri, Apr 4, 2014 at 4:56 PM, slush <slush at centrum.cz> wrote:
> I'm cracking my head for many months with the idea of using TREZOR for web
> auth purposes. Unfortunately I'm far from any usable solution yet.
>
> My main comments to your BIP: Don't use bitcoin addresses directly and
> don't encourage services to use this "login" for financial purposes. Mike
> is right, mixing authentication and financial services is wrong. Use some
> function to generate other private/public key from bitcoin's seed/private
> key to not leak bitcoin-related data to website.
>
>
I'm probably very naive, but the fact that the authentication key is your
Bitcoin address was for me a great feature :)
What are the risks associated of id yourself with a bitcoin address you
plan to use on the website for transaction ?
I mean, what is the difference between doing that, and id with a login/pass
and add your bitcoin address in a settings field ? (knowing you could
always find a mechanism to transfer the account to another bitcoin address
if needed)
Eric
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140404/6e0e0513/attachment.html>
More information about the bitcoin-dev
mailing list