IETF Logo Mail Archive

Re: [openpgp] Version 5 key and fingerprint proposal

Peter Todd <pete@petertodd.org> Thu, 16 March 2017 13:34 UTC

Return-Path: <pete@petertodd.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B32101294D1 for <openpgp@ietfa.amsl.com>; Thu, 16 Mar 2017 06:34:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CzvUooJUW_4y for <openpgp@ietfa.amsl.com>; Thu, 16 Mar 2017 06:34:23 -0700 (PDT)
Received: from outmail148107.authsmtp.com (outmail148107.authsmtp.com [62.13.148.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F029129489 for <openpgp@ietf.org>; Thu, 16 Mar 2017 06:34:23 -0700 (PDT)
Received: from mail-c232.authsmtp.com (mail-c232.authsmtp.com [62.13.128.232]) by punt22.authsmtp.com (8.14.2/8.14.2/) with ESMTP id v2GDYLpZ076351 for <openpgp@ietf.org>; Thu, 16 Mar 2017 13:34:21 GMT
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com [52.5.185.120]) (authenticated bits=0) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id v2GDYJqA012256 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <openpgp@ietf.org>; Thu, 16 Mar 2017 13:34:20 GMT
Received: from [127.0.0.1] (localhost [127.0.0.1]) by petertodd.org (Postfix) with ESMTPSA id 8A4E7404F7 for <openpgp@ietf.org>; Thu, 16 Mar 2017 13:34:18 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000) id 257FE26A4D; Thu, 16 Mar 2017 09:34:14 -0400 (EDT)
Date: Thu, 16 Mar 2017 09:34:14 -0400
From: Peter Todd <pete@petertodd.org>
To: IETF OpenPGP <openpgp@ietf.org>
Message-ID: <20170316133414.GA3503@fedora-23-dvm>
References: <20170307230605.GA2@hashbang.sh> <87efy8ntcx.fsf@wheatstone.g10code.de> <20170309174531.GB2@hashbang.sh> <20170309184745.GC2@hashbang.sh> <CABcZeBMhpXy-e9Mtp8LwfqfAVW_ks3JBw1H2N3H_0c4gpQBqpg@mail.gmail.com> <DAC23A62-14BF-4AAA-8E52-09029B279E8F@icloud.com> <87varhculg.fsf@wheatstone.g10code.de> <2BC88897-B957-4E4E-B109-DFF4EFA14B4D@icloud.com> <87mvco40xf.fsf@wheatstone.g10code.de> <87mvclwjih.fsf@wheatstone.g10code.de>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="pf9I7BMVVzbSWLtt"
Content-Disposition: inline
In-Reply-To: <87mvclwjih.fsf@wheatstone.g10code.de>
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Server-Quench: 4283f1a1-0a4d-11e7-829f-00151795d556
X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKhNXJkIGTSxQ P1pUaF1JP0tFGxZ8 UiQUWVRVV01wWml2 bwBTbUtYYFRLQQRi VVZIQFJNFgB3AFJH BGlqO2MzBgVHenx1 YwhgW3RcEkB4fUUr Qx9VCG1XYTN9aWFK V11QdQoCbQNKfxpE bVl6AHYIZytlM3Bw LAgrMjYpMi1qYBpY WBoMKlRaHA4IEy90 ThYOVTsuG0IIXT0p Lho6YkYGG14WKUw2 WR9X
X-Authentic-SMTP: 61633532353630.1037:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system.
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/OwbFkTgPVrDwodJYtiuH8IsIv8w>
Subject: Re: [openpgp] Version 5 key and fingerprint proposal
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Mar 2017 13:34:25 -0000

On Thu, Mar 16, 2017 at 12:25:42PM +0100, Werner Koch wrote:
> On Tue, 14 Mar 2017 11:17, wk@gnupg.org said:
> 
> > What do others think:
> >
> >  - Use SHA-256 and truncated to 200 bits
> >  - Use SHA-512 and truncated to 200 bits
> >  - Anything else
> 
> No opinions?

Have you considered making fingerprints a non-hexidecimal encoding, such as
base32? They could be the same size, but with more bits.

Bitcoin Core has done a lot of research lately in creating a good base32
encoding with UI features like single-digit error detection and correction.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

v2.23.0 | Report a Bug | By Email