Given that Bitcoin 0.1 had a payment protocol in it, and he ended up disabling it due to the lack of authentication allowing MITM attacks, I can only assume he'd be fine with bringing it back in a fixed form.
But there were several mentions of alternative ways to mitigate the MITM problem in this very thread. Is none of them valid? (I will cite the previous mentions from this thread):
- "Rivest's Interlock Protocol can prevent a man in the middle from altering your communications while allowing you to communicate at all. At most, he is then reduced to an eavesdropper or able to engage in a denial-of-service attack."
- "Bitcoin already has a solid public key infrastructure in that each and every coin is controlled by a public/private key pair. If you know who owns a coin, you can compose a message to them and encrypt it using that coin's public key."
- "ZRTP: For people seeking a trustless key exchange algorithm: it has already been invented (i.e. you can avoid a MITM attack without relying on PKI). ZRTP could be easily adapted to bitcoin payments, changing the SAS authentication string to a PIN, for example, as it can be only a 16-bit number. However, you would have to trust the merchant not to scam you."
But at any rate, calling the PKI "centralised" vs Bitcoin "decentralised" is kind of amusing, given that there are more root CAs than mining pools.
1. This is not an excuse. Just because some part of Bitcoin is already centralized, should we make it even more centralized, thus breaking it even more? Where's the logic in that?
2. There are decentralized pools (p2pool and such), just not many people are currently using them.
So mining is, or at least *can be*, decentralized.
----
Other than the above, no more questions for now.
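As an added illustration of the ZRTP-style short authentication string mentioned in the third quote (example code written for this thread, not taken from ZRTP or any Bitcoin client): both sides do an unauthenticated Diffie-Hellman exchange and hash the shared secret down to a 16-bit PIN that the two humans compare out of band. The DH group below is a toy assumption; the point is that an active MITM ends up with a different secret on each side, so the PINs disagree.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group, an assumption for this demo only: the Mersenne prime
# 2^521 - 1 with generator 3. A deployment would use a standard DH group or an
# elliptic curve; the SAS/PIN logic below is independent of that choice.
P = 2**521 - 1
G = 3
PIN_BITS = 16  # the thread proposes a 16-bit PIN in place of ZRTP's SAS


class Party:
    """One endpoint: holds an ephemeral DH key pair and derives the short PIN."""

    def __init__(self, name):
        self.name = name
        self.priv = secrets.randbelow(P - 2) + 1
        self.pub = pow(G, self.priv, P)
        self.shared = None
        self.pin = None

    def finish(self, peer_pub):
        """Compute the shared secret from the public value we *received* and
        hash it down to a PIN. Whoever really sent peer_pub shares this secret."""
        self.shared = pow(peer_pub, self.priv, P)
        digest = hashlib.sha256(self.shared.to_bytes(66, "big")).digest()
        self.pin = int.from_bytes(digest[:2], "big") & ((1 << PIN_BITS) - 1)
        return self.pin


def exchange(alice, bob, mitm=None):
    """Deliver public values between alice and bob. If a mitm is present it
    substitutes its own value in both directions, completing one DH with each
    side, which is exactly the attack the PIN comparison is meant to expose."""
    if mitm is None:
        alice.finish(bob.pub)
        bob.finish(alice.pub)
    else:
        alice.finish(mitm.pub)  # Alice believes this is Bob's value
        bob.finish(mitm.pub)    # Bob believes this is Alice's value
    # Out of band, the two humans compare PINs; a match means no one sat between.
    return {"pins_match": alice.pin == bob.pin,
            "same_secret": alice.shared == bob.shared}


if __name__ == "__main__":
    print("honest:", exchange(Party("alice"), Party("bob")))
    print("mitm:  ", exchange(Party("alice"), Party("bob"), Party("mitm")))
```

Real ZRTP also makes the initiator commit to a hash of its DH value before seeing the other side's, which this demo omits; without that commitment an attacker could grind candidate values until the two 16-bit PINs happen to coincide, roughly 65,536 tries.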