Author: Mike Hearn 2013-09-25 11:45:02
Published on: 2013-09-25T11:45:02+00:00
The conversation between Andreas Schildbach and an unknown person discusses the issue of using HTTPS trust in Bitcoin protocol. The person argues that it is unnecessary to use a certificate if you see your partner in person. However, the SSL PKI is still being upgraded and there is a plan for handling governments and other entities subverting CA's called certificate transparency. When getting a QR code from the web, it is already served over HTTPS, but if an attacker can break a CA to steal money, then the user loses, as the QR code itself is MITMd. In the Bluetooth case, a custom security layer will be needed once the protocol begins reading data.
Updated on: 2023-06-07T14:57:45.695696+00:00