Cold Signing Payment Requests



Summary:

A discussion on bitcointalk.org considered using X.509 certificates to sign a Payment Request, with the aim of making it easier to verify where money is being sent and harder for attackers to change the address displayed. However, generating Payment Requests live exposes the key used to sign them to theft. The proposed solution uses a ‘parent’ cert which is kept offline and a child cert that is hot: the less critical data is signed by the child cert’s key and the remaining data by the parent cert’s key. The payer verifies Kpar and the address by calculating Hash160(Kpar * I[0:32]). BIP32 is not required to calculate I[0:32]; it could also be randomly generated. A better idea than relying on convention or a self-signed EV cert would be appreciated.


Updated on: 2023-06-06T15:26:07.686239+00:00