We can use almost anything as the separator except for
It can't be @ (reserved for use as a separator)
It can't be ! (legacy of UUCP)
It can't be : or . (used in IP addresses)
It can't be - or _ (widely used already)
It can't be % (used as escaping in URIs)
It can't be < or > and probably not [({ })] either
That leaves very little. I dislike $.
I chose ? because it poses a problem for the NSA to decrypt which is a
reasonable mnemonic.
The other options I looked at were =, &, ^, *, +, #
Could do # I guess. But that will create issues with URI encoding (so will
?)
I think one big advantage of the approach is that it is easy to explain
that the gobbledygook in front of the name represents the encryption key.
Now it is really an index to the key rather than the key itself, just like
the DNS 'address' is actually an index not an address.
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
