Author: Daryl Banttari 2014-04-02 00:59:34
Published on: 2014-04-02T00:59:34+00:00
The context involves a proposal related to Bitcoin transactions. The first point of the proposal is about pay-to addresses which are not fixed and can have different addresses for each transaction. BIP70 is necessary to allow per-transaction addresses via HTTPS. However, a new address and URL can be generated for each one-off peer-to-peer transaction. The second point of the proposal is about the authenticity of signatures as unless someone already knows the public key of the signature, they cannot be sure if the signature is made by the person it is supposed to be from. Daryl's proposal leverages the existing SSL key system so that there is a reasonable expectation that if the signature verifies, it came from the party indicated on the certificate. While SSL and the PKI system underpinning it have faults, the example highlighted was specifically a problem with WoT, not PKI. The compromised web server can cause payments to be made to the wrong party, but this is already true, and it is not something that BIP70 solves or attempts to solve.
Updated on: 2023-06-08T18:00:58.165557+00:00