Bitcoin Forum
Topic: tampering with bip70 payment requests

achow101 (OP)
October 26, 2015, 11:47:13 PM
#1

From what I can understand, if a payment request isn't signed using an X.509 certificate, then there isn't anywhere in the request that is hashed or signed to verify its integrity. So how does it prevent tampering with the request between the server and the user if no authentication is used? Or is there no such mechanism?

gmaxwell
October 27, 2015, 12:22:42 AM
#2

The mechanism would be that you've transported it over a secure transport in the first place, e.g. HTTPS or encrypted email. No different than a Bitcoin address or plain payment URI.

achow101 (OP)
October 27, 2015, 12:29:50 AM
#3

Quote from: gmaxwell on October 27, 2015, 12:22:42 AM
The mechanism would be that you've transported it over a secure transport in the first place, e.g. HTTPS or encrypted email. No different than a Bitcoin address or plain payment URI.

So if a merchant doesn't have an SSL certificate and thus doesn't support HTTPS and the request is sent over http, then someone could perform an MITM attack (just like with everything else using http) and could tamper with the request and the user wouldn't even know it. I personally feel that this is unsafe, especially when both the consumer and merchant have access to private keys which can sign that payment request so that, at a bare minimum, its integrity is verified.

edit: how come we are always told to verify the signatures and checksums of the software we download even if it was delivered through a secure mechanism like https? Shouldn't the same apply to the payment requests?
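
The distinction discussed in this thread, as an added example that is not part of any post or of any wallet's code: a receiver-side check that reads the top-level BIP70 PaymentRequest fields and reports whether a signature, the transport, or nothing protects the request in transit. The function names, result labels and sample bytes are assumptions made for illustration; the signature itself is not verified here.

```python
from urllib.parse import urlsplit

FIELDS = {1: "payment_details_version", 2: "pki_type", 3: "pki_data",
          4: "serialized_payment_details", 5: "signature"}  # BIP70 PaymentRequest

def _varint(buf, i):
    """Decode one protobuf varint at buf[i]; return (value, next index)."""
    value = 0
    for shift in range(0, 64, 7):
        if i >= len(buf):
            raise ValueError("truncated varint")
        byte, i = buf[i], i + 1
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return value, i
    raise ValueError("varint too long")

def parse_payment_request(buf):
    """Read the top-level PaymentRequest fields, applying the BIP70 defaults."""
    msg = {"payment_details_version": 1, "pki_type": b"none"}
    i = 0
    while i < len(buf):
        key, i = _varint(buf, i)
        if key & 7 == 0:                      # wire type 0: varint
            val, i = _varint(buf, i)
        elif key & 7 == 2:                    # wire type 2: length-delimited
            n, i = _varint(buf, i)
            if i + n > len(buf):
                raise ValueError("truncated field")
            val, i = buf[i:i + n], i + n
        else:                                 # no BIP70 field uses other types
            raise ValueError("unexpected wire type")
        if key >> 3 in FIELDS:
            msg[FIELDS[key >> 3]] = val
    if "serialized_payment_details" not in msg:
        raise ValueError("missing serialized_payment_details")
    return msg

def integrity_source(url, raw):
    """Name what protects this request in transit; signatures still need verifying."""
    msg = parse_payment_request(raw)
    if msg["pki_type"] != b"none":
        return "signature" if msg.get("signature") else "invalid"
    if urlsplit(url).scheme.lower() == "https":
        return "transport"                    # unsigned: only TLS protects it
    return "none"                             # unsigned over plain HTTP

# Constructed sample messages (payload bytes are placeholders, not real data).
UNSIGNED = b"\x12\x04none\x22\x03abc"
SIGNED = b"\x12\x0bx509+sha256\x1a\x01\x00\x22\x03abc\x2a\x02\x01\x02"
```

A result of "none" means a modified copy of the request parses exactly like the original, so a receiver would have to reject it or warn the user.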
