 |
December 30, 2013, 01:33:59 PM |
|
I am trying to brainstorm ways of preventing crackers from gaining access to my website
and changing my bitcoin address to one of theirs. Of course all of this is just in the
eventuality that my website gets compromised. I like to be prepared.
I am thinking of creating a new public-private key pair and signing up with a CA in
the same way I would do if I was setting up https functionality. Then I would create a list of
bitcoin addresses, and encrypt all of them with my new private key and uploading them to
the server. The users can retrieve the certificate from the CA, get my public key, and decrypt
the address. How is this different from normal SSL/HTTPS? The difference is that private key
will not be hosted on the server.
Can you comment on this strategy, especially if it is fatally flawed somehow?
As for user functionality, I'm thinking of writing a userscript to do the decrypting and
verifying if there isn't already a viable add-on for Firefox and Chrome.
|
