[Top] [All Lists]

Re: [openpgp] Fingerprints and their collisions resistance

2013-01-06 00:28:58
On 01/05/2013 07:19 PM, Jon Callas wrote:

On Jan 5, 2013, at 3:22 PM, Daniel Kahn Gillmor wrote:

iirc, there was a rough consensus within this working group that this
was probably a mistake in RFC 4880, and any future revision of the draft
should place the full key material into the revocation key subpacket
instead of the key's fingerprint.

I was about to comment that if we move on shifting to ECC keys as per Andrey's 
work on them, we could just about eliminate fingerprints and just use the keys.

Also, the point compression patent expired last year.


BTW, here is my current contribution to the process of making OpenPGP data structures most compact: . It's a generic format that can be used anywhere: X.509, DNS, etc. Realistically, I hope that designers of new protocols at IETF will consider this (more superior to SEC1 :-)) proposal...

Back to OpenPGP, there is certainly a need to have most compact keys and messages, and this is one of the advantages of the ECC keys. It's remarkable that one can have a 32 byte public key of AES-128 strength and my proposal lays the groundwork to make this happen in OpenPGP (v.s. the current 65 bytes).

Given that OpenPGP messages are very compact by design, everything fits nicely together.
openpgp mailing list

<Prev in Thread] Current Thread [Next in Thread>