On Thu, Mar 13, 2008 at 10:02:56PM +0100, Daniel A. Nagy wrote:
And while we are at it, I would suggest to express V5 fingerprints (as well
as key IDs) either in octal or in decimal. This is not a cryptography issue
(*), but a usability issue on (typically mobile) devices with numeric-only
keypads. As an added benefit, it would make the keyID ~ telephone number
metaphor more sustainable.
For such a decision, OpenPGP could earn the ethernal gratitude of the entire
telecom industry.
The current hex method is nicely dense: 8 characters gives you 32
bits, which is enough (today, anyway) to find and disambiguate keys in
virtually all cases (once the key is found, of course, we have the
64-bit key ID). If you are restricted to the numbers 0-9, those 8
characters only give you a bit more than 26 bits, so there would be a
greater chance of collision. You'd need to go to a 10-digit decimal
key ID to cover the same space as the 8 character hex ID. 10
characters isn't too bad.
It would be interesting to write a test against the keyservers to see
how much of an issue this really is. It would also be interesting to
see if someone (the phone companies?) has done a study on how many
digits people can easily remember.
As it happens, my key id is all decimals anyway...
David