Author: Mike Hearn 2015-01-28 15:42:42
Published on: 2015-01-28T15:42:42+00:00
When developers charge the developer instead of the platform to check certificate validity, it means they must develop a separate codebase for all platforms targeted. This is because each platform stores trusted root certificates differently with different APIs and certificate representations. However, cross-platform abstraction libraries such as Java and Qt provide a key store library that can load from either the OS root store or a custom one, eliminating the need for separate codebases. Using a third-party service to convert things to JSON is one of the least obvious and highest effort solutions, and it is not a problem with the design choices in BIP70. It sounds like a bizarre hack around lack of features in the runtime being used. Developers are also reminded that there is no obligation to use the OS root store and can take a snapshot of Mozilla/Apple/MSFT etc stores and load it in their app to avoid issues where BIP70 requests work on some platforms and not others. Bitcoinj uses this approach by default, but developers can override this and use the OS root store instead.
Updated on: 2023-06-09T15:30:58.681605+00:00