Brian Goss, on 06 February 2014 - 05:57 PM, said:
I need a good short word or phrase (better than channel) to describe this:
The idea is to verify that the signed message wasn't intercepted and replaced with another signmed message.
For example, if you put a signed message soliciting funds for donation on your website, and I hack your site and replace it with my own signed message directing donors to send funds to my address, the donors would have no way of knowing. But, if you send me the signed message via email, I could compare to the website.
The payment protocol will definitely help in this area and our cheif sci guy is working hard with others on it.
Brian - I'm a bit coinfused....
It seems that the goal here is to protect the donor against a hacked website. And to protect against something like an apparently authoritative letter to the NY Times saying the likes of "Next time you do an article on Saving Puppies", please include our donation address 2349u234234234...which is fake.
On the one hand, the owner of the website should have that responsibility. It's certainly in his interest to ask for donations, and to insure they go to him/his cause.
But if a journalist was writing a story, and included a donate-to QR code for bitcoin donations, that story goes to millions, large numbers of donations are made before a correction to the code can be established...
Wouldn't the best way to handle that to think in terms of an intermediary, such as an escrow service? This gets the journalist off the hook completely, and interjects the slight time delay which is useful for catching errors and fraud.
A. Reporter says/writes: "Donate to this QR code - just enter SAVEDOGS into the memo field".
B. Reporter says/writes "Savedogs is a great organization - they have a QR code on their web site you can donate to."
C. Reporter says/writes "Donate to this QR code" Which the reporter or his editor verifies.
A is the escrow type service, B and C appear to be the case you mentioned.
What am I missing? I am just leaning in the direct that if you start with the belief that you can't trust the journalist, you need an intermediary you can trust. Looks like a business opportunity for someone.