[zeromq-dev] Proposal for ZeroMQ certificate format
Tony Arcieri
bascule at gmail.com
Tue Oct 15 20:12:36 CEST 2013
On Tue, Oct 15, 2013 at 10:59 AM, Pieter Hintjens <ph at imatix.com> wrote:
> While I'm not defending MD5 at all, can a forgery m' have the same size as
> m?
>
Yes.
As far as I can see, the signature has to be short enough to verify by
> hand. SHA256 would produce 32 bytes; just the same as verifying the
> CURVE key by hand.
>
I didn't realize you were just calculating a key fingerprint. I don't see
the point of doing that for Curve25519 keys, given their short length.
--
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20131015/8e92d3fc/attachment.htm>
More information about the zeromq-dev
mailing list