[146440] in cryptography@c2.net mail archive
Re: [Cryptography] Why human-readable IDs (was Re: Email and IM are
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Wed Aug 28 11:52:58 2013
X-Original-To: cryptography@metzdowd.com
Date: Wed, 28 Aug 2013 11:52:38 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Jerry Leichter <leichter@lrw.com>
In-Reply-To: <C163E8FE-EB88-477A-B798-E52848B8E20D@lrw.com>
Cc: "Wendy M. Grossman" <wendyg@pelicancrossing.net>, cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Wed, 28 Aug 2013 10:24:43 -0400 Jerry Leichter <leichter@lrw.com>
wrote:
> > I wouldn't know how to trust publication online in the first
> > place.
>
> In exactly the same way you trust paper publications that contain
> today's style of addresses.
But I don't. As I said, I typically get a friend or collaborator's
email address from them or from someone else I know. I don't get them
from paper publications, or QR codes. Often as not they are literally
written on cocktail napkins at conference receptions.
> > "Perry Metzger's email is <big string>"
> > "How do I know that's true?"
> And exactly how is this different from "Perry Metzger's email is
> perry@piermont.com"?
If you meet me and I say it to you, I'm probably reasonably correct
about it. If you ask a mutual friend what it is (possibly by email),
they're probably reasonably correct.
> A minority of people have addresses that are easy to remember.
That's not true, actually. I know because I make a habit of not using
an address book in my mail program. In any case, "easy to remember"
isn't the issue, "easy to scribble down accurately" is.
> Most - by far the majority - have some random-looking set of
> letters and digits with some part of their first or last name or a
> nickname embedded somewhere inside at gmail or yahoo or some
> institution.
So, I just did a check. I have a file with all the addresses I care
about in it (I manually cut and paste them into email when I want
to.) It has 625 addresses in it. Of those, 47 have digits in them. I
note that the vast majority of those are addresses of people at
Columbia University, which has a particularly bad naming system but
where I have a lot of correspondents. Of the rest, the majority are
things like "matt@example.com", or "joe.example@gmail.com" -- easy to
write on a cocktail napkin.
I note exactly none of the addresses contain 10 digits of base 64.
Even the numeric ones are things like "jrn26" for someone with those
initials, which is pretty easy to scribble down.
> Frankly, I have trouble remembering the last time I got someone's
> email address by having them tell it to me.
For me, it was Monday, over the phone.
Anyway, we both have our opinions here, I'm sure we're not going to
come to a single agreement. I'm implementing something based on my
hunches, I invite others to do the same.
Let a thousand flowers bloom...
Perry
--
Perry E. Metzger perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
