> On Nov 19, 2014, at 1:26 PM, Tony Arcieri <[email protected]> wrote:
>
> On Wed, Nov 19, 2014 at 10:22 AM, Tony Arcieri <[email protected]> wrote:
> I was thinking more of Twitter
>
> Specifically, why not tweet a key fingerprint and link to a signed proof instead of tweeting a signature?

The tweeted hash is computed over the key fingerprint and the signature. The tweet is the (truncated) SHA-256 of a PGP message. The PGP message, once uncompressed, has 3 packets: (1) a signature header; (2) the literal data containing a JSON object; and (3) the signature itself. Your PGP key fingerprint is specified in packet (2), along with other stuff about your Keybase identity and your signature chain. I was proposing to add the SHA-2 (or SHA-3 or Shake256) of your key fingerprint to the JSON object in packet (2), to mitigate the SHA-1 2nd preimage attacks that you proposed.
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
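
A verifier-side sketch of the proof layout described in the message above, added here as an example; it is not code from the thread or from Keybase. Assumptions: the extra field is named `key_sha256` (hypothetical) and is a SHA-256 taken over the same input as the v4 SHA-1 fingerprint, the tweet is the base64url SHA-256 of the proof cut to 27 characters, and the sample message is constructed, already uncompressed, with placeholder signature packets, so signature verification is left to an OpenPGP implementation.

```python
import base64, hashlib, json, struct

def packet(tag, body):
    """Constructed-sample helper: new-format header, one-octet length (RFC 4880 4.2.2)."""
    assert len(body) < 192
    return bytes([0xC0 | tag, len(body)]) + body

def parse_packets(msg):
    """Return [(tag, body)]; handles only new-format, one-octet-length packets."""
    out, i = [], 0
    while i < len(msg):
        if i + 2 > len(msg) or msg[i] & 0xC0 != 0xC0 or msg[i + 1] >= 192:
            raise ValueError("unsupported or truncated packet header")
        end = i + 2 + msg[i + 1]
        if end > len(msg):
            raise ValueError("truncated packet body")
        out.append((msg[i] & 0x3F, msg[i + 2:end]))
        i = end
    return out

def key_digest(pub_body, algo):
    """Hash the v4 fingerprint input: 0x99, two-octet length, public-key packet body."""
    return hashlib.new(algo, b"\x99" + struct.pack(">H", len(pub_body)) + pub_body).hexdigest()

def tweet_hash(msg, chars=27):
    """Truncated SHA-256 of the proof; base64url and 27 chars are assumptions."""
    return base64.urlsafe_b64encode(hashlib.sha256(msg).digest()).decode()[:chars]

def build_proof(pub_body, with_sha256=True):
    """Constructed proof: one-pass signature (4), literal data (11), signature (2)."""
    claim = {"fingerprint": key_digest(pub_body, "sha1")}
    if with_sha256:
        claim["key_sha256"] = key_digest(pub_body, "sha256")  # hypothetical field name
    literal = b"b" + b"\x00" + b"\x00" * 4 + json.dumps(claim).encode()
    return packet(4, b"placeholder") + packet(11, literal) + packet(2, b"placeholder")

def check_proof(tweet, msg, pub_body):
    """Check hash and key binding only; signature verification is out of scope here."""
    if tweet != tweet_hash(msg):
        return "tweet does not match proof"
    pkts = parse_packets(msg)
    if [tag for tag, _ in pkts] != [4, 11, 2]:
        return "unexpected packet sequence"
    body = pkts[1][1]
    claim = json.loads(body[2 + body[1] + 4:])  # skip format octet, filename, date
    if claim.get("fingerprint") != key_digest(pub_body, "sha1"):
        return "sha1 fingerprint mismatch"
    if claim.get("key_sha256") != key_digest(pub_body, "sha256"):
        return "sha256 key digest missing or mismatched"
    return "ok"

# Constructed public-key packet body: version 4, creation time, algorithm id, fake material
KEY = b"\x04" + struct.pack(">I", 1416421560) + b"\x01" + b"constructed key material"
```

A proof built without the extra field still passes the SHA-1 check and is rejected only at the last step, which is the case the proposed field is meant to cover.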
