Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
March 23, 2014, 08:01:25 PM |
|
UDP? Why on earth would udp be used over tcp?? Multicast applications?
Not over TCP. Over IP.
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
March 23, 2014, 08:01:32 PM |
|
@CfB how do I get transaction GUID? Does it fit in 64bits?
getTransaction should return hash aka GUID. It's 256-bit long though. Thanks. I dont see it yet, so I guess not in current testnet. I will allocate 256 bits for it To clarify, I cannot trust the txid, but I can trust the GUID that I get via getTransaction for the untrusted txid? James
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
March 23, 2014, 08:02:20 PM |
|
In the end we'll have clients that prepare and sign transactions completely locally and send them via UDP.
UDP? Why would udp be used over tcp?? Multicast applications? UDP also prevents sockets being locked up for the timeout period by attackers
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
March 23, 2014, 08:04:06 PM |
|
Thanks. I dont see it yet, so I guess not in current testnet. I will allocate 256 bits for it
It's "hash". It should be in production already. To clarify, I cannot trust the txid, but I can trust the GUID that I get via getTransaction for the untrusted txid?
Yes.
|
|
|
|
xyzzyx
Sr. Member
Offline
Activity: 490
Merit: 250
I don't really come from outer space.
|
|
March 23, 2014, 08:07:38 PM |
|
it would still be good to get SSL on wiki and on whatever forums DNS name they come up with for http://107.170.117.237 forums site. If the community decided the new forums to be on nxtcrypto.org then a wildcard would be the way to go anyways, otherwise 2 different certs are needed. How much do you need for a domain-wide SSL certificate for *.nxtcrypto.org?
|
"An awful lot of code is being written ... in languages that aren't very good by people who don't know what they're doing." -- Barbara Liskov
|
|
|
intmain()
Newbie
Offline
Activity: 28
Merit: 0
|
|
March 23, 2014, 08:08:40 PM |
|
UDP? Why on earth would udp be used over tcp?? Multicast applications?
Not over TCP. Over IP. So I guess it's for realtime transaction multicasting?
|
|
|
|
LemonAndFries
|
|
March 23, 2014, 08:09:48 PM |
|
Here's a reminder: Don't forget your target audience, the average crypto investor.
This is an assumption. One that I don't share, by the way. Umm.. OK. Obviously this project is for the "elite" of the tech world. Thanks for reminding why I don't even bother to come here anymore. Disappointing to see such a great project / idea turn into such an elitist mentality.
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
March 23, 2014, 08:10:14 PM |
|
Thanks. I dont see it yet, so I guess not in current testnet. I will allocate 256 bits for it
It's "hash". It should be in production already. To clarify, I cannot trust the txid, but I can trust the GUID that I get via getTransaction for the untrusted txid?
Yes. Doh! "hash": "a680aec728f77f26012a8e998a955cd11efbe988e777e038c9e47fccee94f613", "GUID" is actually called "hash", I kept waiting for a "GUID" field... Can you explain how the malleable txid can be trusted to retrieve the proper hash? Does this I assume I wait for 10 confirmations? Do I have to make sure a specific txid is matched with hash, or can I just throw away the txid and index off of hash. Is there a getTransaction I can call by passing in hash? James
|
|
|
|
Emule
|
|
March 23, 2014, 08:10:50 PM |
|
I see so many red flags and things that could kill nxt, that it is even a wonder nxt is still around, but not for long this way
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
March 23, 2014, 08:11:02 PM |
|
So I guess it's for realtime transaction multicasting?
Global multicasting doesn't work. It's for realtime transaction unicasting.
|
|
|
|
Emule
|
|
March 23, 2014, 08:12:07 PM |
|
Here's a reminder: Don't forget your target audience, the average crypto investor.
This is an assumption. One that I don't share, by the way. Umm.. OK. Obviously this project is for the "elite" of the tech world. Thanks for reminding why I don't even bother to come here anymore. +1 another investor chased away, congrats to the great community
|
|
|
|
opticalcarrier
|
|
March 23, 2014, 08:13:55 PM |
|
UDP? Why on earth would udp be used over tcp?? Multicast applications?
Not over TCP. Over IP. lols. lost in translation.
|
|
|
|
Jean-Luc
|
|
March 23, 2014, 08:14:07 PM |
|
Please expound. Really we only need a decision made on whether or not there is benefit if infrastructure committe will pay for my VPSs' SSL certs, or if I should just disable SSL on them. The committe's response was "no we dont want to pay for SSL just use tor." well I have previously laid out reasons that NXT has only partial tor support (DNS is still leaked out), plus, like I mentioned, tor is eventually compromised unless very harsh, nearly impossible security methods are taken
Apparently the certs that I am using, that is signed by a private CA, still causes some client-side software to fail, apparently they cannot just ignore the cert warning for some reason.
In the end we'll have clients that prepare and sign transactions completely locally and send them via UDP good info, ill go ahead and disable SSL on them then. (it would still be good to get SSL on wiki and on whatever forums DNS name they come up with for http://107.170.117.237 forums site. If the community decided the new forums to be on nxtcrypto.org then a wildcard would be the way to go anyways, otherwise 2 different certs are needed. Unless the wiki and forums operator are willing to purchase it out of their own pocket. Users of Wesley's client that sign transactions client-side will have their privacy compromised without SSL, even though the transactions and their password will be secure (assuming he is verifying the bytes before signing). I do see the value of SSL in this use case, because it is much simpler for the end user than setting up tor, and we are targeting users who presumably are not sophisticated enough to be running the Java server themselves. My opinion was that SSL is not needed, and in fact cannot be used, for communications between nodes, and also that we cannot distribute an SSL certificate with the Nxt package itself. But for communications between thin clients and a public node, SSL is easier than tor for the end user for the purpose of preserving privacy - that is, from a spying ISP or government, not from the owner of the public node itself.
|
|
|
|
BitcoinForumator
Legendary
Offline
Activity: 1120
Merit: 1000
|
|
March 23, 2014, 08:17:36 PM |
|
Cfb, are you going to join nxtforum.org?
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
March 23, 2014, 08:18:41 PM |
|
Doh!
"hash": "a680aec728f77f26012a8e998a955cd11efbe988e777e038c9e47fccee94f613",
"GUID" is actually called "hash", I kept waiting for a "GUID" field...
Can you explain how the malleable txid can be trusted to retrieve the proper hash? Does this I assume I wait for 10 confirmations? Do I have to make sure a specific txid is matched with hash, or can I just throw away the txid and index off of hash. Is there a getTransaction I can call by passing in hash?
James
Use only hash, Jean-Luc added ability to get transactions by hash, iirc.
|
|
|
|
chanc3r
|
|
March 23, 2014, 08:20:42 PM |
|
@jl777 if you need cash for servers, come knock on InfComs door.....
@Opticalcarrier; I'm quite happy for u to submit a request for funding for SSL on forum and wiki servers.
+1
|
|
|
|
EvilDave
|
|
March 23, 2014, 08:26:10 PM |
|
Lots cut....
Users of Wesley's client that sign transactions client-side will have their privacy compromised without SSL, even though the transactions and their password will be secure (assuming he is verifying the bytes before signing). I do see the value of SSL in this use case, because it is much simpler for the end user than setting up tor, and we are targeting users who presumably are not sophisticated enough to be running the Java server themselves.
My opinion was that SSL is not needed, and in fact cannot be used, for communications between nodes, and also that we cannot distribute an SSL certificate with the Nxt package itself. But for communications between thin clients and a public node, SSL is easier than tor for the end user for the purpose of preserving privacy - that is, from a spying ISP or government, not from the owner of the public node itself.
Can I summarise the SSL situation as: No SSL on nodes. Not needed. SSL on forums/wiki may be useful, if only as security theater. Wesleys client must have SSL in order to function securely. http://nxtra.org/nxt-client/Correct me if i'm wrong.
|
|
|
|
Touque
Member
Offline
Activity: 94
Merit: 10
|
|
March 23, 2014, 08:30:16 PM |
|
If you want to subsidize and compensate the people who run the servers and service, why don't subsidize with NXT or charge NXT for using your service? Who will pay for it? Will you use the NXT community fund to subsidize the service in the beginning?
I dont have that much NXT myself to be able to afford any significant NXT subsidy. I could charge NXT, but the whole issue has been that small stakeholders cant forge any meaningful amount of NXT, while everyone can mine enough nodecoins for the fees for my servers. I figured it was better to make multigateway services affordable for everyone. I seem to have been fired from managing the NXTcash project and as trustee of NXTcommunityfund, but not sure. Nobody seems to tell me the important stuff. I was planning on continuing to pay for my servers as long as I could afford to. Making it selfsufficient by charging fees would create stability, which seems like a good tradeoff. James You can apply for financial support from the infras committee which is set up for the projects as yours. http://107.170.117.237/index.php
|
|
|
|
EvilDave
|
|
March 23, 2014, 08:32:10 PM |
|
Here's a reminder: Don't forget your target audience, the average crypto investor.
This is an assumption. One that I don't share, by the way. Umm.. OK. Obviously this project is for the "elite" of the tech world. Thanks for reminding why I don't even bother to come here anymore. Disappointing to see such a great project / idea turn into such an elitist mentality. What the buggery....? Elitist ? Just because we're trying to build something with a little bit more frigging ambition than mine, pump, dump, repeat ? It's been said before, but NXT is for everyone. If L+F (or anyone else) wants to concentrate on NXT as a first gen crypto, then he's got all the room in the world to do so. 2nd gen features do not explicitly exclude all of the simpler first gen stuff. Maybe L+F could set up a first gen workgroup/posse to concentrate on the promotion and use of NXT in the first gen space........?
|
|
|
|
jl777
Legendary
Offline
Activity: 1176
Merit: 1134
|
|
March 23, 2014, 08:34:04 PM |
|
@jean-luc Can I rely on a "comment" field for transferAsset? Without that correlating multigateway deposit with corresponding asset transfer will have to use other means. At best, it will delay proper crediting. It sure would make it a lot easier and quicker for me if I could assume a comment could be optionally added to transferAsset
James
|
|
|
|
|