Fingerprint algorithm and SHA-1 usage [was: Re: SHA3 IANA registration - method?]

Christian Aistleitner christian at quelltextlich.at
Tue Dec 18 20:52:50 CET 2012 

Hi Andrey,

On Mon, Dec 17, 2012 at 02:16:21PM -0800, Andrey Jivsov wrote:
> On 12/15/2012 06:03 AM, Christian Aistleitner wrote:
> > [3] Shameless plug: You can for example allow others to avoid SHA-1 at
> > key-signing parties, by adding additional (non-standard) SHA-512
> > fingerprints to your paper slips:
> >    http://openpgp.quelltextlich.at/slip.html?key=8421F11C&format=pdf&variant=SHA512,A4R,sparse
> > as described here
> >    http://openpgp.quelltextlich.at/slip.html?query=0x8421F11C#faq-additional-digests
> 
> If I understand your proposal correctly, you are changing the hardwired 
> SHA-1 fingerprint to SHA-512 without metadata/agility.

And I am not suggesting to trade hardwired SHA-1 for hardwired
SHA-512. I'd be against doing this.

Best regards,
Christian


P.S.: The paper slips generated by above's service do contain metadata:
The additional SHA-512 part contains a link to the patch on how to
verify the non-standard fingerprint.

Those non-standard SHA-512 fingerprints serve two purposes:
* It allows SHA-1 averse people to participate in current key-signing
  parties.
* It shows people what checking a SHA-512 hash may amount to. Thereby
  it invites for discussions about fingerprints and concepts on how to
  exchange keys. And --- *surprise* :-) --- it seems hexadecimal
  encoded 512-bit hashes are beyond what most people want to compare
  by hand. But additionally putting a 2D Barcode encoded hash on the
  slip may do the trick.



-- 
---- quelltextlich e.U. ---- \\ ---- Christian Aistleitner ----
                           Companies' registry: 360296y in Linz
Christian Aistleitner
Gruendbergstrasze 65a        Email:  christian at quelltextlich.at
4040 Linz, Austria           Phone:          +43 732 / 26 95 63
                             Fax:            +43 732 / 26 95 63
                             Homepage: http://quelltextlich.at/
---------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: </pipermail/attachments/20121218/9046723b/attachment.pgp>

More information about the Gnupg-devel mailing list