Author: Laszlo Hanyecz 2014-08-08 18:34:01
Published on: 2014-08-08T18:34:01+00:00
Mutual CHAP could be a more lightweight solution than enabling TLS, which could be a DoS on the pool servers, and would simply prevent client payout redirection and server impersonation. The idea is that both sides authenticate, and each expects a different password from the other. This protects against replay attacks even if there is a MITM on the server. Challenge-Handshake Authentication Protocol (CHAP) is commonly used in Point-to-Point Protocol (PPP) and iSCSI. The Bitcoin-development mailing list discusses how enabling TLS without certificate validation would defeat the point, as it would still allow an attacker to intercept or corrupt the stream, forcing a reconnect. Jeff Garzik, a Bitcoin core developer and open source evangelist, also suggests using Black Duck Code Sight for fast and easy access to all the code in an enterprise.
Updated on: 2023-06-09T01:59:13.150958+00:00
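The mutual challenge-response described above, as an added sketch that is not code from the mailing list post or from any pool software. The `Peer` class, the sample passwords and the use of HMAC-SHA256 in place of classic CHAP's MD5 construction are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def chap_response(secret: bytes, challenge: bytes) -> bytes:
    # Classic CHAP hashes id||secret||challenge with MD5; HMAC-SHA256 is swapped in here.
    return hmac.new(secret, challenge, hashlib.sha256).digest()

class Peer:
    """One end of the link. Each direction uses a different password."""
    def __init__(self, own_secret: bytes, peer_secret: bytes):
        self.own_secret = own_secret    # proves who we are
        self.peer_secret = peer_secret  # what the other side must prove it knows
        self._pending = None            # challenge awaiting a response

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(32)  # fresh per attempt, so old responses are useless
        return self._pending

    def respond(self, challenge: bytes) -> bytes:
        return chap_response(self.own_secret, challenge)

    def verify(self, response: bytes) -> bool:
        pending, self._pending = self._pending, None  # a challenge is single-use
        if pending is None:
            return False
        return hmac.compare_digest(response, chap_response(self.peer_secret, pending))

def mutual_handshake(client: Peer, server: Peer) -> bool:
    client_ok = server.verify(client.respond(server.challenge()))
    server_ok = client.verify(server.respond(client.challenge()))
    return client_ok and server_ok

def demo() -> dict:
    # Constructed sample passwords, not real credentials.
    client = Peer(b"client-pw", b"server-pw")
    server = Peer(b"server-pw", b"client-pw")
    captured = client.respond(server.challenge())  # response seen on the wire
    first_use = server.verify(captured)
    server.challenge()                             # next connection: new challenge
    replayed = server.verify(captured)
    impostor = Peer(b"wrong", b"wrong")            # pool impersonator without the secrets
    return {"handshake": mutual_handshake(client, server), "first_use": first_use,
            "replay": replayed, "impostor": mutual_handshake(client, impostor)}

if __name__ == "__main__":
    print(demo())
```

The handshake authenticates the two peers at connection time only; it does not by itself protect later messages on the same connection.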