On May 4, 2009, at 2:22 PM, Daniel Kahn Gillmor wrote:
On 05/04/2009 01:38 PM, Werner Koch wrote:
Using a number (2) and, say, a dot as a prefix would be a better
choice.
We use algorithnm numbers anyway and OpenPGP users are used tp
spell a
large row of hex digits; we would only confuse them with an S and
an H..
ok, that works for me. would the prefix be in hex or decimal? for
example, would an SHA512 fingerprint look like
a.
3dd7a2cb8f9e51f2fc096e7022a8192099aa89e10c699e46223851cc36f406b1beb734d5a7da0d8ebc08cc37e30088300c7a9ae81ba7ab758047a89cfa191aff
or
10.3dd7a2cb8f9e51f2fc096e7022a8192099aa89e10c699e46223851cc36f406b1beb734d5a7da0d8ebc08cc37e30088300c7a9ae81ba7ab758047a89cfa191aff
Ugh. that's horrifically long either way. Is a base64 encoding worth
considering? it would shave off a third of the length, but it seems
like it would introduce significant ambiguity (0 vs O, A vs a, etc)
I'm sure there is a study somewhere that says just how long of a
string a human being can handle without getting lost, but even without
such a study I can say that 512 bits is just too long for usability.
If you think about it, the whole point of fingerprints is that they're
a short way to refer to a key. If we make them too long, we're
hurting the very thing that fingerprints were created for.
"3dd7a2cb8f9e51f2fc096e7022a8192099aa89e10c699e46223851cc36f406b1beb734d5a7da0d8ebc08cc37e30088300c7a9ae81ba7ab758047a89cfa191aff
" is not exactly the kind of thing someone could print on a business
card or read to a corespondent over the phone.
David