[messaging] Useability of public-key fingerprints

Michael Rogers michael at briarproject.org
Thu Jan 30 11:06:50 PST 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 30/01/14 13:06, Ximin Luo wrote:
>> Think about speaking to a stranger over a bad phone line. Digits 
>> can be communicated fairly efficiently in groups of two or
>> three. Letters require the phonetic alphabet, and if you don't
>> both know that the other person's familiar with it, that means "a
>> for alpha, b for bravo" rather than "alpha, bravo". If you have
>> to pronounce lowercase and uppercase as well, something like
>> base58 becomes less time-efficient than decimal digits.
>> 
> 
> If we agree on a standard, this sort of information would be more 
> in the "public cultural background", like the words in a real 
> dictionary. This benefit can turn out to be even more important 
> than any minor differences between two schemes.

I think that might be optimistic - the phonetic alphabet has been
around for a long time, and has far more uses than comparing
fingerprints, but it's still not so widely known that you can assume
any random person you want to share information with will know it.

> However, I don't think we'll ever get rid of *all* fps. So we 
> should try to improve these as well. These are two distinct
> topics, there is no conflict.

Good point, sorry for muddying the waters.

Cheers,
Michael


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBCAAGBQJS6qLKAAoJEBEET9GfxSfMNy4H/0bm6Zd2NgsQFdawAH3azFjb
bR5J8fkdLBkAIAhToAzfZOv7Oksh1fpKnkBay2EsHo8ZCgGCq5yOPmyTEc4vCpt6
v8fKLbATIydOVUo2WB6QP84DYxJAuAM6B/+SR7wRM086Zo/iDoMIwhcU5CK8Mm5h
g+Twk18i1TssZUv9GWwRJqBVKHzT3hwjTB+Kz6gpqzcKdxMWglXJ1TYvjXVsYoEf
k40yjpD4OmdpHzVSGF8dLjX3CAAOBrWWN3w6du+aSdpPkIzGP9YPMw6tYI4s6Ro8
0BaShUUpeOF18ps9+3aHJ2JvJVJKVwezY7kIyeWrolwPFbe7wyzRI9tPwJTwnpA=
=+mLZ
-----END PGP SIGNATURE-----


More information about the Messaging mailing list