On Thu, Jan 30, 2014 at 5:06 AM, Ximin Luo <[email protected]> wrote: > > However, I don't think we'll ever get rid of *all* fps. So we should try to > improve these as well. These are two distinct topics, there is no conflict.
Yeah, I mostly agree with how Moxie frames this [1]: (A) Most people will never check or understand public-key fingerprints, so we need something more automatic (eg TOFU and/or trusted infrastructure) (B) Those users who *are* motivated to deal with fingerprints will be motivated enough to make them work whether 25 or 40 chars, base32 or base16, etc. But I disagree with Moxie's conclusion that it's not worth improving useability. If we can make the UX for (B) easier and less error-prone we should do so. -- Someone offlist pointed out a couple studies that are a bit relevant, though not focused on fingerprints: http://www.cypherpunks.ca/~iang/pubs/otr_userstudy.pdf http://cups.cs.cmu.edu/soups/2009/proceedings/a11-kainda.pdf -- People brought up formats designed for visual or spoken presentation: - SSH randomart - PGPfone, S/Key, or Koremutake wordlists I share Daniel's skepticism about randomart and Robert's skepticism about wordlists [2,3]. These schemes don't seem like much of an improvement over alphanumeric text, even in their chosen domain. And they're much more awkward outside it (speaking a randomart, or fitting, say, 20 words into a text field). -- If we're back to text, there's still things to explore: * Nathan points out vanity hashes used for Tor hidden services, where someone varies the to-be-hashed data and does trial hashing until they find a fingerprint that encodes their name or a value they like the look of [2]. That idea of spending more cycles up-front to search for a "better" fingerprint is pretty interesting. You could do it a couple ways: (1) Search for a hash value that starts with, say, 20 bits of zeros, then don't encode them in your fingerprint (as the receiver can assume them). This fits a larger effective fingerprint into a smaller one, so you need fewer chars. (2) Search for a value that encodes into a base32 fingerprint with an alternation of vowels and consonants, on the theory that our brains can "chunk" pronounceable sounds more easily (?) * Robert suggests using irregular-sized groups of characters instead of fixed-length groups to make it harder for people to get confused about which group they're transcribing or speaking. That seems novel and easy to try. * Alphabet selection is an another question. I like base32, but the RFC 4648 version is what people have in libraries, and the 'l' is an unfortunate lowercase character in a lot of fonts... Trevor [1] https://moderncrypto.org/mail-archive/messaging/2014/000011.html [2] https://moderncrypto.org/mail-archive/messaging/2014/000013.html [3] https://moderncrypto.org/mail-archive/messaging/2014/000010.html _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
