[clug] request for comment: new keysigning protocol

Nemo Maelstrom Thorx nemo at nemo.house.cx
Sun Feb 7 19:17:29 MST 2010

On Mon, Feb 08, 2010 at 12:50:38PM +1100, Kevin Pulo did utter:
> >
> > I think there would be alot of visual shortcutting through simple
> > pattern comparisons. And since 0-9A-F has little in the way of obvious
> > O/0 mixups to occur, it shoulnd't be too hard. _especially_ if all are
> > printed in the same font/size. :) An argument might be able to be put
> > forward to providing ones key on semi-transparent paper for such needs
> > in fact. Only if the font sizes were guaranteed to be identical though
> Yes, I had thought of putting the key fingerprints onto transparencies
> for comparison purposes.  But there are other problems in addition to
> having the same font and size.
> The main one I can think of is where one letter is a subset of
> another, eg. a 0 on the transparency may perfectly cover a C and
> appear to be fine.  Similarly E/F and 3/B/8, if the people checking
> aren't careful when lining things up.
> So you would probably actually need both fingerprints to be on
> transparencies, in strongly contrasting colours (including for colour
> blind individuals), and then check the fingerprints both ways (with
> each on top) against a plain background...  and now it's starting to
> get cumbersome again...
> Kev.

Oh, good points. I wonder if there is (or would be a usefully large
market for) a font specifically designed so that no characters are
subsets of any other, and all similar characters have relatively clear
distinguishing features.

I wonder if you could attack a keysigning by writing a postscript
program that noticed when it was printing keys, and randomly changed
a few characters... (I imagine the problem would be getting such an
program loaded in memory of postscript printers... might be viable at
a university or large shared office however...


  ------------------------------------------ --------------------------
                                                    earth native

More information about the linux mailing list