Author: slush 2011-12-19 01:44:42
Published on: 2011-12-19T01:44:42+00:00
In a discussion on the Bitcoin-development mailing list, Pieter Wuille explains the security issues surrounding DNS-based alias systems for Bitcoin payments. Any system based on DNS is vulnerable to spoofing, as an attacker could make people's DNS server believe that a domain points to their IP address and thus receive payments intended for someone else. In order to combat this issue, one solution is to put a Bitcoin address in the identification string itself and require SSL communication authenticated using the respective key. While this makes the identification strings less useful as aliases, pure aliases in the sense of human-typable strings have limited usefulness anyway, as these identification strings will often be communicated through other electronic means. An embedded Bitcoin address could also be hidden from the user and stored in an address book. However, the original poster, slush, notes that there may not be a single solution that is both easy to use and secure enough for daily use.
Updated on: 2023-06-04T21:51:59.508252+00:00