Author: Thomas Voegtlin 2015-07-20 14:32:09
Published on: 2015-07-20T14:32:09+00:00
The email discusses the use of DNSSEC in payment requests along with its potential problems due to the large size of DNSSEC proof and 1024-bit RSA signature. The author suggests not including the proof in the request and only using the final signature, which is possible through DNSSEC. A typical lightweight payment request without the proof would be around 150 bytes long. The author also considers the possibility of SSL certificates for creating lightweight payment requests. They suggest building a new or independent PKI for individuals that could include only a signature and a UTF-8 string without sacrificing revocability if the proof is downloaded separately. The pubkey of the Certificate Authority (CA) would be obtained by running the pubkey recovery algorithm on the signature and verifying it against a table of trusted pubkeys.
Updated on: 2023-06-10T02:35:07.690368+00:00