View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0007304 | Taler | exchange | public | 2022-08-20 21:28 | 2023-04-04 19:31 |
Reporter | Christian Grothoff | Assigned To | |||
Priority | low | Severity | tweak | Reproducibility | N/A |
Status | feedback | Resolution | open | ||
Platform | i7 | OS | Debian GNU/Linux | OS Version | squeeze |
Product Version | git (master) | ||||
Target Version | 0.9.6 | ||||
Summary | 0007304: should we normalize payto://-URIs in the exchange before hashing? | ||||
Description | We use the h_payto to re-identify accounts during KYC. It is used as the sharding key, and also in the protocol. In _most_ places (except for the GET /deposits/, where the client is really expected to already know the h_payto) the exchange now does return it to the client, so the client doesn't have to compute the hash itself. Still, normalization will make it "easier" to not accidentally re-require the (expensive) KYC process when little things have changed, such as a BIC in an 'iban' URI or capitalization of hostnames (x-taler-bank) or similar small shitty changes that don't matter (including possibly the 'receiver-name' as set by LibEuFin). Whether to normalize and how is an open question. Where is pretty clear: the payto-uri hashes are all computed in libtalerutil in one function. | ||||
Tags | No tags attached. | ||||
|
Conclusion of the discussion has been that the only component that should normalize is the merchant (spa/backoffice) before hashing the payto://-URI and sending it to the exchange for payment. |
|
We should discuss which normalizations should be one. Candidates: - lower-case everything (including receiver-name) - upper-case everything (including receiver-name) - remove BIC from iban/ payto://-URIs Other? |
Date Modified | Username | Field | Change |
---|---|---|---|
2022-08-20 21:28 | Christian Grothoff | New Issue | |
2022-08-20 21:28 | Christian Grothoff | Status | new => assigned |
2022-08-20 21:28 | Christian Grothoff | Assigned To | => Florian Dold |
2022-08-23 10:29 | Christian Grothoff | Note Added: 0019025 | |
2022-08-23 10:31 | Christian Grothoff | Note Added: 0019026 | |
2022-08-23 10:31 | Christian Grothoff | Assigned To | Florian Dold => |
2022-08-23 10:31 | Christian Grothoff | Priority | urgent => normal |
2022-08-23 10:31 | Christian Grothoff | Status | assigned => feedback |
2022-10-20 11:16 | Christian Grothoff | Target Version | 0.9 => 0.9.1 |
2022-10-20 11:41 | Christian Grothoff | Priority | normal => low |
2022-10-20 11:41 | Christian Grothoff | Target Version | 0.9.1 => |
2023-04-04 19:30 | Florian Dold | Product Version | git (master) => 0.9.6 |
2023-04-04 19:31 | Florian Dold | Product Version | 0.9.6 => git (master) |
2023-04-04 19:31 | Florian Dold | Target Version | => 0.9.6 |