Re: [Taler] repurchase detection

taler

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] repurchase detection

From:	Jeff Burdges
Subject:	Re: [Taler] repurchase detection
Date:	Fri, 19 Feb 2016 17:42:11 +0100

On Fri, 2016-02-19 at 16:13 +0100, Christian Grothoff wrote:
> > Should we use the hostname of the fulfillment URL?  The hostname of
> the
> > site that offered the contract (with taler-confirm-contract) in the
> > first place?  What if the merchant's hostname changes?
> 
> It's much simpler. The contract proposals are signed by the
> merchant's
> public key, so just include the merchant's public key.

We might need the hostname as well, I think.  

We've reasonable measures against abusing repurchase detection for
tracking, but one should always avoid spreading data between hostnames.

Jeff

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

[Taler] repurchase detection, Florian Dold, 2016/02/19
- Re: [Taler] repurchase detection, Christian Grothoff, 2016/02/19
  - Re: [Taler] repurchase detection, Florian Dold, 2016/02/19
    - Re: [Taler] repurchase detection, Christian Grothoff, 2016/02/19
  - Re: [Taler] repurchase detection, Jeff Burdges <=
    - Re: [Taler] repurchase detection, Christian Grothoff, 2016/02/19
- Re: [Taler] repurchase detection, Marcello Stanisci, 2016/02/22
  - Re: [Taler] repurchase detection, Christian Grothoff, 2016/02/23

Prev by Date: Re: [Taler] repurchase detection
Next by Date: Re: [Taler] repurchase detection
Previous by thread: Re: [Taler] repurchase detection
Next by thread: Re: [Taler] repurchase detection
Index(es):
- Date
- Thread