Check it out if paymail can be exploited by spoofing DNS to…
Check it out if paymail can be exploited by spoofing DNS to return some other address that the consumer wanted to pay to. Signing or with TLS should be safe?
https://twetch.app/t/d0729c5e4e3e247e146602e319898bf909fbeba5a746652a4a62da5c6d496b37
Replies
we aren't gonna use paymail for actually sending money lol
meaning if during the dirty bootstrap phase we were address based then people would be able to like and say they are X b/c they have X's address... you're just 5 to me and 1 2 3 and 4 can tell me where to fine 5
the point of foundation was the realization that we need to create address contexts in the #!de interpreter as tho we were passing an input to a well defined solid template, but then we lost the template
Who/what can identify 88 in this scenario? Is there enough of me for someone to know?
You are 88 but will you still be after this post? We need to think harder there are solutions shining a good light to the problem. We need to order the “mess” and come out with clean, sharp, specialized, small, solid things that play well together.
Good point! How do we get there?
We use TLS. MB is safe. What is a problem is third party hosted paymails when the sender uses coffee shop wifi. The answer for that is DNSSEC. This is planned.
I switched all my domains to DNSSEC enabled hosts for this reason Although I must admit I'm not entirely sure how it works. I still have a lot to learn, but prioritising what to learn when is the real challenge I think.