Topic: DNS name tx (Read 2203 times)
And this DNS trick will be usable in Tor's .onion network
Incidentally, for this DNS have custom-built records SRV. Theese records for Kerberos, for example:
$ dig _kerberos._tcp.host.com srv
;; QUESTION SECTION:
;_kerberos._tcp.host.com. IN SRV
;; ANSWER SECTION:
_kerberos._tcp.host.com. 3550 IN SRV 10 10 88 kerberos.host.com.
Requesting for any DNS-name SRV-record in this format, you can find the address of Kerberos-server for this domain. Similarly, we can do for Bitcoin by queryng about: "_bitcoin._tcp.host.com" or something.
All this is done covertly, human sees only the right part of the name: host.com
And for domain names with sub-domains Kerberos using TXT records to enable the customer to understand what realm it belongs to:
$ dig _kerberos.grid.host.com txt
;; QUESTION SECTION:
;_kerberos.grid.host.com. IN TXT
;; ANSWER SECTION:
_kerberos.grid.host.com. 3587 IN TXT "HOST.COM"
Bitcoin can use this for subdomains like www:
_bitcoin.www.host.com. 3587 IN TXT "HOST.COM"
i.e., human can send bitcoin to www.host.com, bitcoin client check TXT _bitcoin.www.host.com for DNS-name of bitcoin "realm", than check SRV _bitcoin._tcp.host.com and, finally, sends bitcoins to IP, specified by this SRV-record.
This scheme is really a part of Kerberos standart and used, I think, more than 15 years.
$ dig _kerberos._tcp.host.com srv
;; QUESTION SECTION:
;_kerberos._tcp.host.com. IN SRV
;; ANSWER SECTION:
_kerberos._tcp.host.com. 3550 IN SRV 10 10 88 kerberos.host.com.
Requesting for any DNS-name SRV-record in this format, you can find the address of Kerberos-server for this domain. Similarly, we can do for Bitcoin by queryng about: "_bitcoin._tcp.host.com" or something.
All this is done covertly, human sees only the right part of the name: host.com
And for domain names with sub-domains Kerberos using TXT records to enable the customer to understand what realm it belongs to:
$ dig _kerberos.grid.host.com txt
;; QUESTION SECTION:
;_kerberos.grid.host.com. IN TXT
;; ANSWER SECTION:
_kerberos.grid.host.com. 3587 IN TXT "HOST.COM"
Bitcoin can use this for subdomains like www:
_bitcoin.www.host.com. 3587 IN TXT "HOST.COM"
i.e., human can send bitcoin to www.host.com, bitcoin client check TXT _bitcoin.www.host.com for DNS-name of bitcoin "realm", than check SRV _bitcoin._tcp.host.com and, finally, sends bitcoins to IP, specified by this SRV-record.
This scheme is really a part of Kerberos standart and used, I think, more than 15 years.
I see no problem here. If the node is going to receive bitcoins, there are many ways to do it.
Google may use the routing or port forwarding, or register something like bitcoin.google.com.
Google may use the routing or port forwarding, or register something like bitcoin.google.com.
Sometimes a DNS address resolves to several IPs. Try nslookup google.com. Should we try them all?
I want to use SSL for the connection, using the bitcoin address' public key as the cert.
You would be certain you're connected to who you thought, and safely encrypted. The
bitcoin address would not be used for the transaction, only for authentication. A new
generated bitcoin address would be sent through the SSL connection.
Since it's authenticated, it would then be safe to allow the IP address to be a domain
name. Some care taken that if a proxy is used, it uses socks4a instead of DNS lookup.
You would be certain you're connected to who you thought, and safely encrypted. The
bitcoin address would not be used for the transaction, only for authentication. A new
generated bitcoin address would be sent through the SSL connection.
Since it's authenticated, it would then be safe to allow the IP address to be a domain
name. Some care taken that if a proxy is used, it uses socks4a instead of DNS lookup.
The use case was mostly that we have tx to IP (and can only send a memo when going to an IP) and so it seems like whatever reasons there are for sending to IP apply even better to DNS names (for those of us with dynamic IPs).
What is the use case for this?
Is it just to make it easier to send anonymous donations by typing in Pay To: "redcross.org" instead of copying&pasting a bitcoin address?
If something like that were implemented, seems like it would just invite the same kind of abuse we see with misspelled-domain-squatters-- setup a domain record for "redcros.org" pointing to a non-Red Cross bitcoin address and take advantage of people's fat-fingered misspellings. One big advantage of bitcoin addresses is that they have a built-in checksum, so if you misspell them (or screw up the copy&paste) your attempted transaction will be immediately rejected.
Is it just to make it easier to send anonymous donations by typing in Pay To: "redcross.org" instead of copying&pasting a bitcoin address?
If something like that were implemented, seems like it would just invite the same kind of abuse we see with misspelled-domain-squatters-- setup a domain record for "redcros.org" pointing to a non-Red Cross bitcoin address and take advantage of people's fat-fingered misspellings. One big advantage of bitcoin addresses is that they have a built-in checksum, so if you misspell them (or screw up the copy&paste) your attempted transaction will be immediately rejected.
Yes, but it may be very usable feature. Any ideas how to make it much safer?
So, we can tx to IPs... can we tx to DNS names? I don't have a static IP, but I do have DynDNS...
tx to IP is not recommended. Less secure than normal tx.
So, we can tx to IPs... can we tx to DNS names? I don't have a static IP, but I do have DynDNS...
Jump to: