Author: Andy Parkins 2012-11-27 17:03:39
Published on: 2012-11-27T17:03:39+00:00
In this email, Gavin Andresen suggests that there should be fewer implicit ties to X509 for identifying merchants in the bitcoin payment system. He proposes a doorway to the future left open, with X509 as one option and other identification types such as GnuPG and hash-based systems added as well. The hash-based system would be used as a method of leveraging an existing trusted connection without needing certificates. For example, when paying for something on a website, the site can issue an invoice and a hash of the certificate on the same page. The user then trusts the hash because it was received over a secure connection from a trusted source. In case of small businesses, the owner can generate an invoice with their bitcoin client and send the hash to their customer via phone or email. Alternatively, they might attach a file called invoice-A7DE-521X-9977.bitinv to a signed GnuPG email. The recipient can easily confirm that the sender sent the invoice because the filename must match the contents and GnuPG protects against tampering.
Updated on: 2023-06-06T08:46:52.723835+00:00