ToDo: Specification to safely import external data

Post Reply
phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

ToDo: Specification to safely import external data

Post by phelix »

Say I want to store a link and signature (fingerprint) for a retroshare certificate. How would I go about it?

Tag: load?

Problem: IP address could be revealed to the external server


Another use case might be the import of a signed NMC/BTC address that could change on every request.

Maybe we can work out standard procedures for these.
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

biolizard89
Posts: 2001
Joined: Tue Jun 05, 2012 6:25 am
os: linux

Re: ToDo: Specification to safely import external data

Post by biolizard89 »

phelix wrote:Say I want to store a link and signature (fingerprint) for a retroshare certificate. How would I go about it?

Tag: load?

Problem: IP address could be revealed to the external server


Another use case might be the import of a signed NMC/BTC address that could change on every request.

Maybe we can work out standard procedures for these.
I'm not certain I understand what you're asking. Are you trying to do something like the "import" field, but have it imported from an HTTP URL rather than the blockchain? If so, you'd probably want to supply a hash in the blockchain, and disable such fields in "private mode" like nmcontrol currently does for the "ns" field. If a user really wants to access that data in private mode, they should use Tor.
Jeremy Rand, Lead Namecoin Application Engineer
NameID: id/jeremy
DyName: Dynamic DNS update client for .bit domains.

Donations: BTC 1EcUWRa9H6ZuWPkF3BDj6k4k1vCgv41ab8 ; NMC NFqbaS7ReiQ9MBmsowwcDSmp4iDznjmEh5

phelix
Posts: 1634
Joined: Thu Aug 18, 2011 6:59 am

Re: ToDo: Specification to safely import external data

Post by phelix »

biolizard89 wrote:
phelix wrote:Say I want to store a link and signature (fingerprint) for a retroshare certificate. How would I go about it?

Tag: load?

Problem: IP address could be revealed to the external server


Another use case might be the import of a signed NMC/BTC address that could change on every request.

Maybe we can work out standard procedures for these.
I'm not certain I understand what you're asking. Are you trying to do something like the "import" field, but have it imported from an HTTP URL rather than the blockchain? If so, you'd probably want to supply a hash in the blockchain, and disable such fields in "private mode" like nmcontrol currently does for the "ns" field. If a user really wants to access that data in private mode, they should use Tor.
That's what I am talking about and these are exactly the kind of issues we would have to solve.

A solution that comes to mind would be an id/ browsing GUI (like https://nameid.org/ or locally via NMControl) that can fetch and verify the data. Hmmm maybe it could be the same thing as for signing files.
nx.bit - some namecoin stats
nf.bit - shortcut to this forum

Post Reply