[Bitcoin-development] BIP70 proposed changes
Mike Hearn
mike at plan99.net
Wed Mar 5 10:18:41 UTC 2014
>
> On an unrelated note, X.509 is a terrible standard that should be
> abandoned as quickly as possible. BitPay is working on a new standard
> based on bitcoin-like addresses for authentication. It would be great if
> we could work with the community to establish a complete, decentralized
> authentication protocol. The sooner we can evolve beyond X.509 the better.
Because this is such a common sentiment, I wrote a couple of articles on
the matter.
The first is about why BIP 70 uses the SSL PKI and an examination of the
most commonly proposed alternative ideas:
https://medium.com/p/b64cf5912aa7
... including the web of trust, using bitcoin addresses/the block chain,
allowing multiple certs, trust-on-first-use and (for SSL only)
perspectives/convergence.
The second is a summary of some of the most famous crypto-usability
research papers published in the past 10-15 years. They cover SSL and PGP.
If you're interested in designing alternatives, reading these papers would
be a good place to start:
https://medium.com/p/d04ea6a2c771
There's a book from O'Reilly called Security & Usability that contains 34
papers and essays. It's very good:
http://shop.oreilly.com/product/9780596008277.do
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140305/544be4ef/attachment.html>
More information about the bitcoin-dev
mailing list