IETF-SSH archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Key fingerprints?



Mouse <mouse%Rodents-Montreal.ORG@localhost> writes:

> - I'd like to collect specifications for the various fingerprint
>    formats in use, with an eye to publishing them in some form,
>    preferably with test vectors.  I can do the collecting and
>    collating, and, in a minimal form, the publishing (a text file up
>    for FTP or HTTP fetch); if these are considered valuable enough,
>    someone else might want to publish them in other way (such as,
>    perhaps, an Informational RFC).

GNU lsh displays openssh-style md5 fingerprints, and ssh.com-style
"bubble babble". E.g., lsh --sloppy www.lysator.liu.se shows

  Received unauthenticated key for host www.lysator.liu.se
  Key details:
  Bubble Babble: xemoc-kovyp-nehoz-zacod-mohek-hurep-hybag-hizog-fahob-dydug-sexix
  Fingerprint:   18:2a:ea:db:b5:1f:f2:83:fb:d0:24:45:f8:9a:fc:d6

There are no deep thoughts behind this, just an attempt to be compatible
with what others do.

> - I'd like to come to some kind of agreement for how to compute and
>    represent fingerprints in a way that's a bit more future-friendly
>    with respect to hash algorithms than just printing hashes in hex.

I'm kind-of skeptic to displaying the fingerprint in some form
intuitively recognizable and rememberable by humans. So I think the
primary use case is for the user who actually have the expected
fingerprint written down and wants to compare it to what's displayed on
screen.

I totally agree it would be nice to standardize the fingerprints. I
think it would make sense to

1. Use a stronger hash function than md5, and if standardizing something
   new at this time I think it's prudent to also choose something
   stronger than sha1.

2. Consider carefully what length of the fingerprint really is needed,
   and if we think something shorter than 256 bits is good enough,
   truncate the output of sha256 or sha3-256 or whatever function is
   chosen.

3. Use some more compact and/or more readable alphabet than hex. I don't
   have an informed opinion on whether or not things like bubble-babble
   or the "random ascii-art" thing really helps users.

Regards,
/Niels

-- 
Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26.
Internet email is subject to wholesale government surveillance.



Home | Main Index | Thread Index | Old Index