I'll let you read the article first. The confidentiality is one issue, fingerprinting is another.
On Tue, Oct 15, 2013 at 8:30 PM, Tony Arcieri <[email protected]> wrote: > On Tue, Oct 15, 2013 at 11:28 AM, Pieter Hintjens <[email protected]> wrote: >> >> The key itself may be encrypted; there may also be metadata that is >> also encrypted. The goal is to allow verification out of band that the >> entire package wasn't replaced by a fraudulent version en-route. > > > If your goal is to keep the public key confidential, I'd suggest using > either SHA256 or Blake2b. > > -- > Tony Arcieri > > _______________________________________________ > zeromq-dev mailing list > [email protected] > http://lists.zeromq.org/mailman/listinfo/zeromq-dev > -- - Pieter Hintjens CEO of iMatix.com Founder of ZeroMQ community blog: http://hintjens.com _______________________________________________ zeromq-dev mailing list [email protected] http://lists.zeromq.org/mailman/listinfo/zeromq-dev
