Bitcoin Forum
December 14, 2024, 08:08:25 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: GnuPG support from exchanges  (Read 816 times)
realnowhereman (OP)
Hero Member
*****
Offline Offline

Activity: 504
Merit: 502



View Profile
May 18, 2012, 12:47:16 PM
 #1

I've mentioned it here already, but it's worth it's own topic I think.

Why don't all exchanges have an optional field for us to upload a GnuPG public key?  In particular, one that matches the email address registered on the account?

As in the recent Bitcoinica case, and the original Mt.Gox hack, return to service is highly dependent on verifying identity.  The OpenPGP system has been around for years and works very well.  What's more, the exchanges could periodically sign those keys offline for themselves -- then, in the event of a complete database breach and potential alteration they would be able to verify every single identity, detecting those that a hacker had tampered with and able to restore the original owner reliably

It sometimes takes an event like these hacks to trigger a change of culture.  Perhaps this Bitcoinica hack could be the impetus for other exchanges to use digital identities, which are, let's be honest, far more secure than a scan of a passport (it's not difficult to photoshop a scan to whatever you want).

Wouldn't we all feel more secure if we had a reliable way of proving our identity to the exchange whenever they think activity is suspicious?

What would it take for the big four, Mt.Gox, Intersango, btc-e and virwox to simply add a field to their databases?

1AAZ4xBHbiCr96nsZJ8jtPkSzsg1CqhwDa
hazek
Legendary
*
Offline Offline

Activity: 1078
Merit: 1003


View Profile
May 18, 2012, 12:52:30 PM
 #2

Great idea.

My personality type: INTJ - please forgive my weaknesses (Not naturally in tune with others feelings; may be insensitive at times, tend to respond to conflict with logic and reason, tend to believe I'm always right)

If however you enjoyed my post: 15j781DjuJeVsZgYbDVt2NZsGrWKRWFHpp
markm
Legendary
*
Offline Offline

Activity: 3052
Merit: 1134



View Profile WWW
May 18, 2012, 01:13:26 PM
 #3

I am using Open Transactions as the software platform for my exchange, which I feel gives me a better chance of keeping it secure than a website would; and the identities one uses in that are cryptographic key pairs somewhat similar to PGP / GPG; but the idea of also optionally keeping on file an actual gribble/OTC compatible identity for those users who do wish to associate their Open Transactions "nym" with a more widely known identity does sound like a good idea.

-MarkM-

Browser-launched Crossfire client now online (select CrossCiv server for Galactic  Milieu)
Free website hosting with PHP, MySQL etc: http://hosting.knotwork.com/
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!