Could you please edit your post to include a link or some other reference and then I can delete this post
done.
Topic: the new bitcoin ID service (Read 3665 times)
done.
To me, if you really want to make sure the person you pay is the person you think, you have to request for a signed bitcoin address.
Here is why i'm progressively adding secured methods to verify the different parts of an identity on bictoin-contact : http://bitcoin-contact.org/identity/khal (verified addresses are with the green check, but i'm not satisfied with this display).You can currently :
- add your OTC identity, verified with a signed GPG message
- add a bitcoin address, verified by sending a payment to self of a certain amount (i explain how to do that when you add the address in your account). I will add the ability to sign message directly with your bitcoin address when my patch will be included : Sign and verify message with bitcoin address and public key]http://bitcointalk.org/index.php?topic=6428.0
- add an email address, verified the classical way
A direct GPG signed bitcoin address will always be better, of course, if you know how to do it and if you know the public key of the person :p
I'm a bit skeptical about this new bitcoin ID service. What is it for exactly?
To me, if you really want to make sure the person you pay is the person you think, you have to request for a signed bitcoin address.
Exemple:
- Alice: Hi, grondilu, I really like what you do and I would like to donate bitcoins to you.
- grondilu: Ok, my bitcoin address is: 1LBEfZmRqtaH6KwGqt89uFm7dvdkiPdutC
- fake-grondilu: Don't listen to this guy, Alice, I am the real grondilu and my bitcoin address is: 1PffXTH9o2Lg87d6Y5igEFPSbv6f1kE97U
- Alice: I know grondilu's public key, so you guys sign your bitcoin address so I found out who is the real grondilu.
- grondilu: Ok, here it is again:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
1LBEfZmRqtaH6KwGqt89uFm7dvdkiPdutC
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk26qGQACgkQq17371C4DmjhVgCg507apPO5bNqwzZnXlPTLe+2q
rM4An34WgO2Lv9LK+tTG0E8Uzlg5pg9v
=+mTq
-----END PGP SIGNATURE-----
- fake-grondilu: damn it, you got me.
Now, I know not everybody uses GnuPG, so I guess this bitcoin ID service is usefull anyway.
To me, if you really want to make sure the person you pay is the person you think, you have to request for a signed bitcoin address.
Exemple:
- Alice: Hi, grondilu, I really like what you do and I would like to donate bitcoins to you.
- grondilu: Ok, my bitcoin address is: 1LBEfZmRqtaH6KwGqt89uFm7dvdkiPdutC
- fake-grondilu: Don't listen to this guy, Alice, I am the real grondilu and my bitcoin address is: 1PffXTH9o2Lg87d6Y5igEFPSbv6f1kE97U
- Alice: I know grondilu's public key, so you guys sign your bitcoin address so I found out who is the real grondilu.
- grondilu: Ok, here it is again:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
1LBEfZmRqtaH6KwGqt89uFm7dvdkiPdutC
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk26qGQACgkQq17371C4DmjhVgCg507apPO5bNqwzZnXlPTLe+2q
rM4An34WgO2Lv9LK+tTG0E8Uzlg5pg9v
=+mTq
-----END PGP SIGNATURE-----
- fake-grondilu: damn it, you got me.
Now, I know not everybody uses GnuPG, so I guess this bitcoin ID service is usefull anyway.
Jump to: