Re: [Bitcoin-development] Payment Protocol: BIP 70, 71, 72

----- Forwarded message from The Doctor ----- Date: Wed, 25 Sep 2013 12:12:45 -0400 From: The Doctor To: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Payment Protocol: BIP 70, 71, 72 Organization: Virtual Adept Networks, Unlimited User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130514 Thunderbird/17.0.6 Reply-To: drwho@virtadpt.net -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/25/2013 07:35 AM, Melvin Carvalho wrote:

It depends on the attacker. I think a large entity such as a govt or big to medium size corporation *may* be able to MITM https, of course the incentive to do so is probably not there ...

DLP (data loss prevention) products usually have MITM capability, to make sure that proprietary information isn't being exfiltrated. Also, some companies have full packet capture policies. The technology is out there and people buy and use it. Whether or not they're going to care about Bitcoin URIs in the short term, I don't know. Some of the companies documented here have such products: http://bluecabinet.info/wiki/Blue_cabinet#List_of_companies You are correct in that the incentive to carry out MITM attacks in this use case may not be there. However, detecting transactions may be more useful to an attacker than meddling with them. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "Shiloh? Is your name Shiloh? Can I talk to you?" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJDC30ACgkQO9j/K4B7F8FungCgyQtkyiQIekhlv1/Nqdd/JAIV 3EgAoKW8wTOI11lEq0ieOsRiQmnkM9w6 =W50W -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5