Re: [openpgp] Fingerprints
"Daniel A. Nagy" <nagydani@epointsystem.org> Tue, 28 April 2015 11:39 UTC
Return-Path: <nagydani@epointsystem.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 94BE01A89FA for <openpgp@ietfa.amsl.com>; Tue, 28 Apr 2015 04:39:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.601
X-Spam-Level:
X-Spam-Status: No, score=-4.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, GB_I_LETTER=-2, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p0Gziek2tlaT for <openpgp@ietfa.amsl.com>; Tue, 28 Apr 2015 04:39:01 -0700 (PDT)
Received: from mail-wg0-f50.google.com (mail-wg0-f50.google.com [74.125.82.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D5DA81A89F2 for <openpgp@ietf.org>; Tue, 28 Apr 2015 04:38:55 -0700 (PDT)
Received: by wgyo15 with SMTP id o15so148009751wgy.2 for <openpgp@ietf.org>; Tue, 28 Apr 2015 04:38:54 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=GIr/ONgeiH5DMwBykKgg399l3WyH6ba70AZsf2jLLGE=; b=FtUyigVkJYDuWZxTa/lia8oWe4KKygePqlihUYiKNir4xVh7c3fGAvbaOku871fRyb wdA5t3jaYttccaoV7KmmNrwWkVzCxGIBtk7WJLi2uSjFa5SBylVsYea8Ymusppy5Nrvl kcG70sV3rKgQmxPPJSn0P1t1rzS4Zhdj8PXvEQK5nJKltrdquHO5beHu2icknpgYJIEX 9qQQQDYboDXaMXIAihTSxkB7FPLKAdbZwdfMJZhDtxZParL0e/fdg9ZBi8FaF06H96CF QctMvGIEruARYwlkAcgauNwzPclI59D8rMqkyJaX+DHO2W2KiuoO5xfe5LkGvub26Ri9 RUiA==
X-Gm-Message-State: ALoCoQmd+rArkKDtmPXlMCZUqSxWAJLZA+1J+tgvMyKt9So4bg0bxXFYm5r/e13MqU9vfhVJfOTr
X-Received: by 10.194.79.226 with SMTP id m2mr31224390wjx.60.1430221134582; Tue, 28 Apr 2015 04:38:54 -0700 (PDT)
Received: from [192.168.120.139] ([157.181.227.17]) by mx.google.com with ESMTPSA id n8sm15973439wiy.19.2015.04.28.04.38.53 for <openpgp@ietf.org> (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 28 Apr 2015 04:38:53 -0700 (PDT)
Message-ID: <553F7149.6000706@epointsystem.org>
Date: Tue, 28 Apr 2015 13:38:49 +0200
From: "Daniel A. Nagy" <nagydani@epointsystem.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0
MIME-Version: 1.0
To: openpgp@ietf.org
References: <CAMm+LwhbB+-MnGRBCvprgAGOuu+5CJ2rgod7EBGOQR5UNVrspQ@mail.gmail.com> <87d232lkb6.fsf@alice.fifthhorseman.net> <553F6BF8.2080501@iang.org>
In-Reply-To: <553F6BF8.2080501@iang.org>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/LzMAZ8NLv0vponvpmSJFWOF-RbA>
Subject: Re: [openpgp] Fingerprints
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Apr 2015 11:39:02 -0000
Speaking of that, we may want to specify a URL format for the fingerprint which would facilitate the importing or checking of keys through the intent mechanism (it has a different name in iOS, but it's there). That way, QR codes would also become quite straightforward. Cheers, Daniel On 04/28/2015 01:16 PM, ianG wrote: > On 17/04/2015 18:46 pm, Daniel Kahn Gillmor wrote: > >> * human-representable form of the digest: e.g. hex, base32, common >> hyphenation patterns, etc. there are legibility/usability factors >> here that i don't know enough to comment on. > > > > > Just on that, I recently went through an exercise where phones get > introduced to phones. Once introduced the phones can speak to servers > directly naming their new friends and get high quality information in > dense cryptographic form. Users need not be bothered by the arcania. > > But two people meeting for the first time is a bother, especially as > there are no presentations of cryptographic information in the app at > all, and we can't rely on the various bluetooth and so forth local > interactions. > > We tried some variants, and in the end, I settled on a 4-letter base26. > It is created on one phone (register on server) and typed into the > other phone (lookup on server). > > The base26 alpha was chosen because many phones have tiny keyboards > which require hitting a meta key to get out to numerics. This made the > Base32, hex and other mixed alphanumerics a pain, it about doubled the > workload and more than doubled the error rate. > > A count of 4 characters was settled on because it was enough to provide > some discrimination but not enough to seriously challenge the users. > Users found 6 characters to be a bit testy (I include myself in this) > whereas people felt that if they couldn't handle 4 characters felt they > could blame themselves for the errors not the system. > > > > iang > > > ps; The codes themselves once created are only valid for an hour, > suitable for a face to face meeting, so there is a lot more space > available. > > ps2; 4 uppercase letters was also used by the military back in the old > pencil & paper tactical codes days. At least my military. > > _______________________________________________ > openpgp mailing list > openpgp@ietf.org > https://www.ietf.org/mailman/listinfo/openpgp
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Werner Koch
- [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Tom Ritter
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel A. Nagy
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Stephen Paul Weber
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints David Shaw
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel Kahn Gillmor
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Designated Revokers Vincent Breitmoser
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Jon Callas
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Derek Atkins
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Daniel Ranft
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Daniel A. Nagy
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Werner Koch
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] [eX-bulk] : Re: Fingerprints Christopher LILJENSTOLPE
- Re: [openpgp] [eX-bulk] : Re: Fingerprints Christopher LILJENSTOLPE
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Vincent Breitmoser
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints Christoph Anton Mitterer
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints ianG
- Re: [openpgp] Fingerprints Phillip Hallam-Baker
- [openpgp] [RFC4880bis PATCH] Deprecate "Revocatio… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Neal H. Walfield
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Werner Koch
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… vedaal
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Paul Wouters
- Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880b… vedaal
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [RFC4880bis PATCH] Deprecate "Revoc… Daniel Kahn Gillmor
- Re: [openpgp] [Suspected Junk Mail] Re: [RFC4880b… Daniel Kahn Gillmor