Put things this way; if you manage (on a more or less distant future, don’t know) to run sort of a shop on surface web* with BC, you may want:
» Your customers to be identifiable – to know who is paying what and handle refunds
» Your customers to leave notes along with the payment.
» Your customers to have a friendly address to pay to (not an IP, not an unreadable hash) – unless you run thenerdsshop.com there is.
» Your customers to not be nagged.For this would be obviously interesting a TLS/SSL feature. Imagine this operation:
Client -> send BC 50 to bcpay.mysite.com
bcpay.mysite.com -> send a certificate with the store’s data, client’s get a popup with this server’s information to confirmeg:
You’re about to make a payment to the following Bitcoin client:SITE NAME: mystore.com
COMMON NAME: Payments Gateway
CA VERIFIED BY: BitcoinSSLClient -> Confirm ? payment is sent: payment is cancelled.
* Tor users: Let’s call it a surface web shop shipping goods to your house, so you wouldn’t go there anyway. What would be the point of hide your IP while give your home address?
SirArthur has a good point about the normal online merchant case, which is what the send-by-IP option is more suited to. This is the case where the merchant will have a server on a static IP and their own domain name and SSL cert.
Instead of connecting by IP, we can connect to a domain name by SSL, using the existing CA infrastructure to authenticate that you’re connected to the owner of that domain.
The user would send to domain.com (or www.domain.com is ok too). That would be very natural and users could see and verify that what they entered is who they intend to pay.
The SSL also makes it safe for TOR users.
Problem is, I think merchants would still prefer to use bitcoin addresses to be certain they know what the payment is for. You simply cannot count on users to enter the right thing in the comment fields to identify the transaction. It would only approach practical if we had a mailto style link that prepopulates the comment field with the order number, but then the link could just as well be a bitcoin address.
Just having an open bitcoin server at domain.com that users could send unidentified payments to would be too much of a liability. Regular users aren’t used to the idea of having to identify the payment. Merchants would get too many blank payments followed by “I paid you, where’s my stuff?!” a week later.
The payment sequence does have a step where the receiver verifies the order before accepting it. It can reject the payment and return an error message if it doesn’t contain a valid order number. That would require a difficult level of integration of custom code with the bitcoin server though.
59,525 total views, 7 views today
https://bitcointalk.org/index.php?topic=158.msg1582#msg1582