On Tue, Jul 23, 2013 at 4:36 AM, Pieter Wuille <pieter.wui...@gmail.com>wrote:
> Apart from that, exposing this HTTP-based interface publicly has its
> own problems, like security risks and potential DoS risks. If
> anything, we should be reducing the attack surface rather than
> increase it. IMHO, the only thing that should be exposed in the P2P
> protocol, which is inevitable, and already has some DoS protections.
>
> I like this HTTP interface, but it should really only be used for
> trusted local applications and debugging.
>
We already have a good private HTTP interface. Most benefits of this REST
interface come from exposing it publicly. As always, the challenge is
balancing costs and benefits. I'm not confident that either can be known
with certainty until a well-written prototype is running in the wild. As
some nodes expose this interface, we'll gain concrete experience from which
node operators can make informed security trade offs.
--
Michael
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development
