[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Taler] repurchase detection
|
From: |
Christian Grothoff |
|
Subject: |
Re: [Taler] repurchase detection |
|
Date: |
Fri, 19 Feb 2016 17:52:10 +0100 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Icedove/38.5.0 |
On 02/19/2016 05:42 PM, Jeff Burdges wrote:
> On Fri, 2016-02-19 at 16:13 +0100, Christian Grothoff wrote:
>>> Should we use the hostname of the fulfillment URL? The hostname of
>> the
>>> site that offered the contract (with taler-confirm-contract) in the
>>> first place? What if the merchant's hostname changes?
>>
>> It's much simpler. The contract proposals are signed by the
>> merchant's
>> public key, so just include the merchant's public key.
>
> We might need the hostname as well, I think.
>
> We've reasonable measures against abusing repurchase detection for
> tracking, but one should always avoid spreading data between hostnames.
Jeff, as no real information flows back here from the wallet to the
JavaScript running on the host about contracts already entered, I think
this is OK. Adding the hostname would prevent certain load balancing
strategies from working, so I don't think we should use it.
signature.asc
Description: OpenPGP digital signature