Re: [openpgp] Fingerprints

[ianG <iang@iang.org>]

On 16/04/2015 18:46 pm, Phillip Hallam-Baker wrote:

> <Fingerprint-ID>
>
> At the moment the consensus proposal seems to be that Fingerprint-ID
> is a numeric code that has exactly two entries.


I don't know why we'd do both.  I suppose it's because hashes are like 
mountains and seeing them, we have to walk up them.  If there are two, 
we have to walk up and down twice...


> I suggest:
>
> 96: SHA-2-512
> 144: SHA-3-512


In the unfortunate event that we allocate multiple hashes + numbers, 
then I suggest we also allocate an X that is to be used for closed, 
internal trials.  This way, people are less likely to homestead spots 
and then come to us with arguments about how they're using ABC and they 
don't want people to change and bla bla.


> These numbers are not completely random. While the codes themselves
> don't matter, using 0x60 and 0x90 has the pleasing and convenient
> effect that SHA-2-512 fingerprints will always start with the letter M
> (for Merkle-Damgard) and SHA-3-512 fingerprints will always start with
> the letter S (for Spongeworthy).


OK, cautious nod to the letters - although it would be pleasing if you 
could point to a web calculator that could lay out the conversions for 
those of us who've forgotten how do to hex-b32-ascii-dec in our head ;)

What is the extension strategy for when we've exhausted the 256 
possibilities in a byte?

(Yes I realise you didn't specify a byte, but I guess that's part of the 
question.)



We ourselves don't want more than a handful.  But if we open up the 
fingerprint standard to a wider audience, then austerity will be out the 
window.  What's our approach of the TLS group decides they want to add a 
few hundred?



iang