Author: Mike Hearn 2013-04-25 09:08:26
Published on: 2013-04-25T09:08:26+00:00
The author of the payment protocol suggests using a custom certificate type to chain onto the end in order to implement a clean solution for v1. The additional Bitcoin-specific certificate can be added to solve the problem of delegation and avoid sharing SSL private keys with third parties. This approach also solves cases where a company has roving sales agents who are not highly trusted, they can be issued a 24-hour expiring Bitcoin-specific cert at the start of each working day and then sign payment requests with that. It is not necessary to use X.509, however it can be used as a regular protocol buffer. Re-using X.509 wouldn't be accepted by OpenSSL or any other SSL stack, and ASN.1 isn't easy to work with.
Updated on: 2023-06-06T15:26:23.001179+00:00