Author: Mike Hearn 2013-04-25 10:45:33
Published on: 2013-04-25T10:45:33+00:00
The discussion is regarding the safety of payment request signing key, which currently cannot be made safer than SSL key due to limitations in SSL PKI. The issue arises because SSL keys live on web servers, and certificates can be issued by CAs based on control of a web server at a given domain name. This means that anyone can issue themselves a new SSL cert with whatever data they want and pose as the merchant. While the OP suggested differentiating between "most trusted" and "less trusted" keys, it is impossible to have a payment request signing key that is safer than an SSL key. Furthermore, no CA exists that would do the necessary things for a reasonable price to give oneself an offline intermediate cert and then use that to sign one cert for SSL and another for payment request signing. The scenario being discussed is where the thing signing payment requests is less trusted than the web server, but until the CA landscape changes, there is no way to implement this.
Updated on: 2023-06-06T15:32:44.355832+00:00