WKD hashing choice z-base-32

Bernhard Reiter bernhard at intevation.de
Fri Sep 24 12:41:32 CEST 2021


== WKD protocol

Am Montag 02 August 2021 15:47:03 schrieb Steffen Nurpmeso:
> Yes, no, my problem is about the the special z-base-32 step, for
> which there is no tool around by default.

https://wiki.gnupg.org/EasyGpg2016/PubkeyDistributionConcept?highlight=%28z-base-32%29
documents the reasons for some design decisions, it says:

| The reason for using this encoding instead of a standard hex encoding is to 
| visually distinguish such an item from a fingerprint. Furthermore, in 
| contrast to Base-64 and other Base-32 encodings, z-Base-32 has been 
| optimized for easier human use.   

So it is _not_ a fingerprint. :)
And the hashing and encoding is done to get an equal length string
without funny characters so it can easily be put as files in a directory tree.

== ssh

> But i personally still
> struggle with the base64 that SSH now uses for fingerprinting

For manual visual comparison, using -o VisualHostKey=yes works for me in
many situations.

Bernhard

-- 
www.intevation.de/~bernhard   +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20210924/a3228f9d/attachment.sig>


More information about the Gnupg-devel mailing list