Namecoin Forum

The first secure, decentralized, human-meaningful naming system.
https://forum.namecoin.org/

ToDo: Specification to safely import external data

https://forum.namecoin.org/viewtopic.php?f=5&t=1714

Page 1 of 1

ToDo: Specification to safely import external data

Posted: Tue Mar 25, 2014 4:05 pm
by phelix
Say I want to store a link and signature (fingerprint) for a retroshare certificate. How would I go about it?

Tag: load?

Problem: IP address could be revealed to the external server


Another use case might be the import of a signed NMC/BTC address that could change on every request.

Maybe we can work out standard procedures for these.

Re: ToDo: Specification to safely import external data

Posted: Tue Apr 01, 2014 4:12 am
by biolizard89
phelix wrote:Say I want to store a link and signature (fingerprint) for a retroshare certificate. How would I go about it?

Tag: load?

Problem: IP address could be revealed to the external server


Another use case might be the import of a signed NMC/BTC address that could change on every request.

Maybe we can work out standard procedures for these.
I'm not certain I understand what you're asking. Are you trying to do something like the "import" field, but have it imported from an HTTP URL rather than the blockchain? If so, you'd probably want to supply a hash in the blockchain, and disable such fields in "private mode" like nmcontrol currently does for the "ns" field. If a user really wants to access that data in private mode, they should use Tor.

Re: ToDo: Specification to safely import external data

Posted: Wed Apr 02, 2014 9:32 am
by phelix
biolizard89 wrote:
phelix wrote:Say I want to store a link and signature (fingerprint) for a retroshare certificate. How would I go about it?

Tag: load?

Problem: IP address could be revealed to the external server


Another use case might be the import of a signed NMC/BTC address that could change on every request.

Maybe we can work out standard procedures for these.
I'm not certain I understand what you're asking. Are you trying to do something like the "import" field, but have it imported from an HTTP URL rather than the blockchain? If so, you'd probably want to supply a hash in the blockchain, and disable such fields in "private mode" like nmcontrol currently does for the "ns" field. If a user really wants to access that data in private mode, they should use Tor.
That's what I am talking about and these are exactly the kind of issues we would have to solve.

A solution that comes to mind would be an id/ browsing GUI (like https://nameid.org/ or locally via NMControl) that can fetch and verify the data. Hmmm maybe it could be the same thing as for signing files.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited