[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] Hello

From: Joerg Baach
Subject: Re: [Taler] Hello
Date: Wed, 7 Dec 2016 00:13:53 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1

Hi Christian, hi Jeff,

thanks a lot for your explainations.

With regards to the refresh - isn't the whole point of blind signatures
that the _transactions_ can't be traced, e.g. that your can rely on the
protocol that no information is leaked? Hiding the IP looks like a
"second line of defense" to me, a bit like bitcoin. Or do I miss something?

On the merchant's certificate - I understand that you want to use x509.
But _who_ is signing in the end? The way I understand Christian's answer
it would piggypack on the existing certificate infrastructure, avoiding
to roll out a new one, but also inherit the trust issues, with way to
many CAs of questionable trustworthyness. Why not only trust a small
subset of CAs, or can the exchange define what CAs to trust?

Lastly, the NFC. A nice approach to use the merchant as a bridge to the
issuer. I have to think about that one. I wonder though if in a person
to person situation cash is much more reliable, and also faster and



reply via email to

[Prev in Thread] Current Thread [Next in Thread]