[zeromq-dev] Proposal for ZeroMQ certificate format

T. Linden tlinden at cpan.org
Fri Oct 18 17:10:33 CEST 2013


On Thu, Oct 17, 2013 at 09:40:01PM +0200, Pieter Hintjens wrote:
> > Nice, glad we're clear now ;)
> 
> We're not quite finished. There's a confusion (also for me) between
> the public key used for encrypting the certificate content, and the
> public key provided in the content itself.

Usually you use the public key to encrypt data for the recipient and not
to encrypt a certificate. 
 
> And we can do verification using a 32-byte value, which is still large
> but doable.

What about using random art for human key verification:

+--[ DSA 1024]----+
|             .   |
|            . .  |
|         . o . . |
|        +.ooo .  |
|       .S+o =... |
|        o. + o.. |
|       . . .o..  |
|      E . ....o  |
|         .  ...o |
+-----------------+

(See: http://www.dirk-loss.de/sshvis/drunken_bishop.pdf).



- Tom

-- 
    PGP Key: https://www.daemon.de/txt/tom-pgp-pubkey.txt
S/Mime Cert: https://www.daemon.de/txt/tom-smime-cert.pem
 Bitmessage: BM-2DAcYUx3xByfwbx2bYYxeXgq3zDscez8wC

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the zeromq-dev mailing list