
Topic: [BIP][Draft] BitID - "Connect with Bitcoin" protocol - page 4. (Read 22743 times)

sr. member
Activity: 360
Merit: 250
CEO, Ledger
BitID is SQRL scoped to the Bitcoin realms.
The main advantage is that if all wallets implement BitID then everyone will benefit from the possibility to sign in with their address.
legendary
Activity: 1498
Merit: 1000
Can someone please explain why SQRL was not sufficient, and what BitID fixes over that?

SQRL and BitID are basically the same thing, just one uses bitcoin addresses. Also since bitcoin addresses are becoming more ubiquitous it would be a better way.

Technically we could also ask the question why not use PGP keys?
legendary
Activity: 1680
Merit: 1035
Can someone please explain why SQRL was not sufficient, and what BitID fixes over that?
legendary
Activity: 1330
Merit: 1003
I'm really happy to see this. I came up with a similar idea on my own and am planning to implement it in a project I am working on. The fact that some of the work has already been done for me is terrific.  Grin
hero member
Activity: 784
Merit: 500
This is awesome, great work.
newbie
Activity: 16
Merit: 0
Of course, remember that if you're writing Bitcoin software, it's really easy to be in a situation where millions of dollars worth of value are controlled by your software. That's why the Bitcoin source code and binaries are protected by both OpenPGP and CAs.

Yup, when updating to 0.9.0 on my main wallet, I:

  • Checked certificate/signature for bitcoin.org
  • Verified SHA256.asc file
  • Ran the hashing checksum on the tarball

And I do not see a reason not to check the website certificate, even if it's the simplest/weakest security on offer. You want every assurance you can get if it's where most of your coins are stowed. Should really go to the CA website and try to find fingerprints to compare with manually, but I think the browser is doing that automatically anyway, so it would be a peace of mind thing more than anything.

I think it will automatically when every time connect and some defense for big bucks in cold wallet, that's important too. To save money in the right place.
sr. member
Activity: 384
Merit: 258
Sorry, but NameID does both, you're repeating work. You can log in using NameID to prove you own the Namecoin address linked to your Namecoin ID information. That's how it has worked for a while.
You're right but there's an important difference between NameID and BitID:
  • NameID relies on OpenID which is a nice system but requires a third-party (the identity provider) to let you authenticate.
  • With BitID, no third-party is required. It's just your wallet and the website.

Both systems have their strengths and their weaknesses. It's a matter of choice.
member
Activity: 62
Merit: 10
NameID is about storing your identity into Namecoin, BitID is about authenticating to a service by proving you control a Bitcoin address.

BitID and NameID complement each other.

For instance:
1. you sign in on a service with your BTC address using BitID
2. the service queries NameID and retrieves the identity (name, email, avatar...) attached to this address

Sorry, but NameID does both, you're repeating work. You can log in using NameID to prove you own the Namecoin address linked to your Namecoin ID information. That's how it has worked for a while.
sr. member
Activity: 360
Merit: 250
CEO, Ledger
Right now best practice is to generate an arbitrary key from a domain and save it into a local db.
It could indeed be replaced by hashing an HD master key with the domain name, thus avoiding the need of such db.
hero member
Activity: 707
Merit: 500
Are there any best practice proposals to decide which key to use to sign?
Like using my HD master private key, appending the hostname, hashing, and using that as new private key for signing in?
Using the same mechanism for identity management would allow users to use their identity from within different wallets which have the same key / seed.
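
The per-site key idea discussed in the two posts above, as an added example that is not part of the thread or of any BitID wallet. It uses HMAC-SHA256 keyed with the master secret rather than a bare hash of the concatenation, and the function names, the label string and the sample secret are assumptions made for illustration.

```python
import hashlib
import hmac

# Order of the secp256k1 group; a valid private key is an integer in [1, N-1].
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def normalise_host(host: str) -> bytes:
    """Canonical form of the site name, so every wallet derives the same key."""
    host = host.strip().rstrip(".").lower()
    if not host or any(c in host for c in "/:@?# "):
        raise ValueError("expected a bare hostname, got %r" % host)
    return host.encode("idna")


def site_key(master_secret: bytes, host: str) -> int:
    """Derive a deterministic, site-specific signing key from one master secret.

    No local database is needed: the same secret and hostname always give the
    same key, and keys for different sites cannot be linked without the secret.
    """
    if len(master_secret) < 32:
        raise ValueError("master secret must be at least 32 bytes")
    label = b"site-login-key:" + normalise_host(host)  # hypothetical label
    counter = 0
    while True:
        digest = hmac.new(master_secret, label + bytes([counter]),
                          hashlib.sha256).digest()
        k = int.from_bytes(digest, "big")
        if 1 <= k < SECP256K1_N:  # reject the (vanishingly rare) invalid scalar
            return k
        counter += 1


if __name__ == "__main__":
    secret = bytes(range(32))  # constructed sample secret, never use a real one
    for name in ("example.com", "Example.COM.", "example.org"):
        print(name, hex(site_key(secret, name))[:18] + "...")
```

Hashing the raw master private key directly ties every site login to the key that controls funds, so a wallet would normally feed this from a dedicated secret derived for authentication only.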
sr. member
Activity: 384
Merit: 258
BitAuth seems to look a lot like BitID or am I just plain stupid?
Grin
Main difference seems to be in nonce generation (client-side for BitAuth) but I'm not fond of this choice.

Edit: Another difference is that each request to the server is signed by BitAuth. I like the idea even if signing all requests may be a bit overkill. It also explains why the nonce is generated client-side.
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
BitAuth seems to look a lot like BitID or am I just plain stupid?
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
Quote
Andreas Petersson
Discussion  -  12:39
v1.2.15 pushed to github, testnet + beta testers.

please have a close look at the latest changes
*) email notifications for local trader
*) navigation bugfixes after notifications
*) experimental BitID support (testnet only)
Source: Google+ Beta Tester Group

Going good Eric Grin
sr. member
Activity: 360
Merit: 250
CEO, Ledger
Right now, there is only a fork of Android Bitcoin Wallet supporting BitID
https://github.com/bitid/bitcoin-wallet

We need to finish it (missing some UI touch), and then submit a pull request to hopefully have it integrated into the main client.
The problem is I don't have much time right now Smiley I wish I could find another Android coder to help me.

Eric
newbie
Activity: 31
Merit: 0
Chiming in:

This particular protocol is the best to happen to usable security in a very, very long time.

This simple protocol extension offers two-factor authentication at higher usability and security than a one-factor login/password combo.

Assuming most people have some sort of screen lock on their phones, this provides for a two-factor authentication at the ease of pointing your phone at the screen. Bravo! Applause!

I actually wanted to start implementing this protocol server-side today, and was surprised to see that my Android wallet didn't yet have support for it.

I can't wait to offer something as simple and secure as this to users of my systems.

Cheers,
Rick
sr. member
Activity: 384
Merit: 258
Thanks to manuelzs, django developers can now play with BitId (Github - Pypy)
newbie
Activity: 27
Merit: 0
libpam-bitid: A PAM module to use a bitcoin address for credentials.

This is a Linux PAM implementation of the BitID protocol. Linux system access is granted using just a bitcoin address.

It currently supports pam.d configuration for console or telnet login.

Github: https://github.com/angrycod/libpam-bitid

Example output:

Code:
$ telnet localhost
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Ubuntu 13.10
bitcoin address: 1DvRd44mD8EuCcym8zymYzabvmozwZ5r8G
challenge message: dbcbd542b29a3c4298651035ae6eaed3
signature: HE8DDp4eAEy61417XTPAQTOqPBcLP2h0Y0sTB9hfFILCv8ZpLzdH6dh/z6+o7A4VwwjM1Qq2SFVcgyf7U51JhdE=
Last login: Wed May 21 18:42:01 PDT 2014 from localhost on pts/17
Welcome to Ubuntu 13.10 (GNU/Linux 3.11.0-12-generic x86_64)

btctest:~$
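
An added example, not part of the post or of libpam-bitid: the structural checks a verifier can apply to the three fields in the transcript above before doing any elliptic-curve work. It assumes the signature uses the standard Bitcoin signed-message compact encoding (65 bytes, header byte 27 to 34); it does not verify the signature itself, and the function names are hypothetical.

```python
import base64
import re

# Fields copied from the example output in the post above.
TRANSCRIPT = """\
bitcoin address: 1DvRd44mD8EuCcym8zymYzabvmozwZ5r8G
challenge message: dbcbd542b29a3c4298651035ae6eaed3
signature: HE8DDp4eAEy61417XTPAQTOqPBcLP2h0Y0sTB9hfFILCv8ZpLzdH6dh/z6+o7A4VwwjM1Qq2SFVcgyf7U51JhdE=
"""

FIELD = re.compile(r"^(bitcoin address|challenge message|signature): (\S+)$", re.M)
BASE58 = set("123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz")


def parse_login(text: str) -> dict:
    """Pull the three prompt/response pairs out of a login transcript."""
    fields = dict(FIELD.findall(text))
    missing = {"bitcoin address", "challenge message", "signature"} - fields.keys()
    if missing:
        raise ValueError("missing fields: %s" % sorted(missing))
    return fields


def check_envelope(fields: dict) -> dict:
    """Reject malformed input early; return what the signature header encodes."""
    addr = fields["bitcoin address"]
    if not (26 <= len(addr) <= 35 and set(addr) <= BASE58):
        raise ValueError("address is not plausible Base58")
    challenge = bytes.fromhex(fields["challenge message"])  # ValueError if not hex
    if len(challenge) < 16:
        raise ValueError("challenge shorter than 128 bits")
    sig = base64.b64decode(fields["signature"], validate=True)
    if len(sig) != 65:
        raise ValueError("compact signature must be 65 bytes, got %d" % len(sig))
    header = sig[0]
    if not 27 <= header <= 34:
        raise ValueError("bad signature header byte %d" % header)
    return {
        "challenge_bits": len(challenge) * 8,
        "recovery_id": (header - 27) & 3,   # which candidate public key to recover
        "compressed_key": header >= 31,     # address was built from a compressed key
    }


if __name__ == "__main__":
    print(check_envelope(parse_login(TRANSCRIPT)))
```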
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
The site http://txid.co starts supporting BitId login now!
It's a bitcoin news aggregator site for Chinese people.

That is amazing news. I am so happy that this project is moving forward!
newbie
Activity: 5
Merit: 0
The site http://txid.co starts supporting BitId login now!
It's a bitcoin news aggregator site for Chinese people.
copper member
Activity: 3948
Merit: 2201
Verified awesomeness ✔
Glad to see so much progress. You are doing a great job dude. Keep it up Smiley