[messaging] Useability of public-key fingerprints
trevp at trevp.net
Thu Jan 30 17:50:16 PST 2014
On Thu, Jan 30, 2014 at 4:34 PM, Peter Gutmann
<pgut001 at cs.auckland.ac.nz> wrote:
> Trevor Perrin <trevp at trevp.net> writes:
>>(A) Most people will never check or understand public-key fingerprints, so we
>>need something more automatic (eg TOFU and/or trusted infrastructure)
> See for example "Do Users Verify SSH Keys?" (Abstract: "No"),
>>(B) Those users who *are* motivated to deal with fingerprints will be
>>motivated enough to make them work whether 25 or 40 chars, base32 or base16,
> They'll be motivated enough to do some checking, but given result from work on
> fuzzy fingerprints (referenced in the above article) no-one but the most
> singularly OCD will actually do the check properly, i.e. rigorously check all
> 40 characters for every key they deal with.
You're referring to the THC tool, which Daniel also mentioned.
I'm including its examples from the paper and Jon Erickson's book
(compare #1 at the top and bottom of this email, and #2). They're
pretty easy to tell apart, IMO.
But I dunno, maybe I'm wrong. My larger point is that I wish there
were actual user studies and serious research on these questions. And
if that doesn't exist, maybe we should try to encourage it...
More information about the Messaging