[146501] in cryptography@c2.net mail archive
Re: [Cryptography] Thoughts about keys
daemon@ATHENA.MIT.EDU (James A. Donald)
Sat Aug 31 23:40:37 2013
X-Original-To: cryptography@metzdowd.com
Date: Sun, 01 Sep 2013 13:02:26 +1000
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
In-Reply-To: <20130901011648.GI13556@yuggoth.org>
Reply-To: jamesd@echeque.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 2013-09-01 11:16 AM, Jeremy Stanley wrote:
> At free software conferences, where there is heavy community
> penetration for OpenPGP already, it is common for many of us to bring
> business cards (or even just slips of paper) with our name, E-mail
> address and 160-bit key fingerprint. Useful not only for key signing
> (when accompanied by photo identification), but also simply allows
> someone to retrieve your key from a public keyserver and confirm the
> fingerprint matches the one you handed them.
The average user is disturbed by the sight a 160 bit hash.
When posting graphic images on my blog, I have to name the image twice,
once when I store it on my website, and once when I reference it in a
post. Despite the fact that the names are meaningful and human
readable, and the total number of images is not unreasonably large, I
find it quite difficult to enter exactly the same name the same way
twice. Much of the time the image mysteriously fails to appear, even
though I cannot see any typo, the two spellings right in front of me
look exactly alike.
The end user's instinctive fear of 160 bit hashes is well founded..
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
