On 17 Jan 2002 09:52:24 -0500, Derek Atkins said:
You probably do not want to assume that the fingerprint is 20 octets
long; fingerprints on v3 RSA keys are only 16 octets long. So, your
Left pad them with zeroes and store the fingerprint as meta data with
the keys or index a DB using the fingerprint. It might even be easier
to require the use of v4 keys.
You probably want to send along the keyID as well as the fingerprint.
Frankly, I suggested to drop the keyID because the few extra bytes for
a fingerprint are not an issue and it makes the code easier if we only
have to lookup by fingerprint.
Most implementations can only lookup a key based on the keyID. As a
Then they should be fixed. To lookup by keyID you have to calculate
the fingerprint anyway for v4 keys. And there won't be many v3 keys
in use with TLS.
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus