asciilifeform: as mircea_popescu can probably tell, i really loathe publishing half-cooked items.
asciilifeform: i suppose i ought to dust off an' publish the 'p' demo.
asciilifeform: nah
asciilifeform: it isn't so big.
asciilifeform: or if he wants to use sha512 on thursdays and keccak on tuesdays, also can.
asciilifeform: e.g., if mircea_popescu wants to use a hash algo of his own design, with ben_vulpes's pgptron, he can.
asciilifeform: another is specificity-of-diddling.
asciilifeform: mircea_popescu: i had two arguments. one is that it dramatically simplifies the design of the cryptotron. (essentially becomes a mildly scriptable bignum calculator.)
asciilifeform: incidentally usg is so mortally afraid of reconfigurable crypto that it is SPECIFICALLY banned in the export ban list.
asciilifeform: (recall how sha1 ended up perma-fixed in pgp.)
asciilifeform: problem is that key handling mechanisms tend to get baked in.
asciilifeform: fair'nuff.
asciilifeform: including, recall, even ability to specify a new crypto algo in the key itself.
asciilifeform: i've favoured a maximally-configurable design for quite some time.
asciilifeform: 'who are these people and wtf do you care what happens to them.'
asciilifeform: it is a question i get asked quite often.
asciilifeform: consider, not 1 of the popped keys belongs to a 'human' in the sense of somebody we know via wot.
asciilifeform: in this case what is the use of phuctor ?
asciilifeform: we aren't here to serve the idiots. but why help the meat grinder feed ?
asciilifeform: well mircea_popescu can specify 'i dun care what happens to the 10,001' idiots
asciilifeform: aha. nearly all of it is predicated on broken pgptrons that don't check sigs.
asciilifeform: if i substitute mp@nsa.gov for the polimedia.us, selfsig barfs.
asciilifeform: not with classical gpg format
asciilifeform: he is now free to distribute 10,001 mutated copies of mircea_popescu's key, with user id 'mp@really-mp-bunker.com' and chumps, who were never properly introduced to mp in meatspace, will send mail to this addr, where it will be transparently forwarded to mp with new headers.
asciilifeform: mircea_popescu: you take an inch from enemy, but give him many more:
asciilifeform: you sign with the pubmod and e.
asciilifeform: the one nitpick is that you cannot sign with an fp.
asciilifeform: (recall, it is quite simple to generate the public modulus from it)
asciilifeform: mircea_popescu: what would enemy win if he ~could~ reconstruct the one element he cannot derive from the ciphertext, the userid string ?
asciilifeform: sooo if mircea_popescu gets a new userid (say he throws out his polimedia domain because dns is run by hitler) i have to compare the mods manually ?
asciilifeform: 'this item assures me that it has such-and-such structure.'
asciilifeform: rather, it was a kind of strong checksum.
asciilifeform: mircea_popescu: if phrased this way, it sounds quite laughable. but this was never the point of selfsig
asciilifeform: mircea_popescu: i quite agree. if mircea_popescu wants to distribute his own key without selfsig in the sexpr, he is welcome to.
asciilifeform: but i do NOT see the win from letting any arbitrary bit of binary garbage pass itself off as a valid rsa key + userid set.
asciilifeform: phf: i have no dispute re packaging the sig separately.
asciilifeform: well smart money bets that it isn't keygen-side (or it would have valid new sigs.)
asciilifeform: if selfsig did not exist, we would have considerably less clue re where 'mirrorolade' came from.
asciilifeform: it is a checksum.
asciilifeform: (sha1 thereof, rather.)
asciilifeform: in gpg it is rsa sig of all the bits in the turd other than itself.
asciilifeform: waiwat?!
asciilifeform: (yes you can swap out sha1 for 512 in own sigs, but what if i want to sign ACTUAL datum, not hash?)
asciilifeform: but so is all pgp signature, in nearly same way.
asciilifeform: well, the way it is done in gpg (rsa sig of sha1) is indeed retarded
asciilifeform: reasons.
asciilifeform: for my edification, can haz some ?
asciilifeform: well selfsig prevented this.
asciilifeform: the 'fp as authenticator' only works if you, as mircea_popescu suggested, hash over the id string.
asciilifeform: issue remains with the first time you encounter a modulus/fp set.
asciilifeform: this doesn't exist in our universe.
asciilifeform: srsly we're talking 1500+ y.o. tech.
asciilifeform: even talmud had checksums.
asciilifeform: realize that when it is moved from place to place via whatever mechanism, it will rot.
asciilifeform: and modularly-exponentiated also in wetware ?
asciilifeform: magical cable that transmits 0 error ?
asciilifeform: who trade keys using what ?
asciilifeform: who, then, can ?
asciilifeform: and he asks 'which this'
asciilifeform: i keyed it in from a napkin, say.
asciilifeform: how will you detect rot ?
asciilifeform: mircea_popescu: no selfsig in a hand-keyed item is suicidal.
asciilifeform: having folks 'die and reborn' because they switched email hosts is braindamaged.
asciilifeform: selfsig, on other hand, covers whole thing.
asciilifeform: the e and the N. (in the case of rsa.)
asciilifeform: idea is that a fully uncompressed, dearmoured, etc. key will be a sexpr.
asciilifeform: mircea_popescu: i suppose it doesn't, does it.
asciilifeform: there we go.
asciilifeform: 'saving bits' belongs at ~that~ layer, not in the crypto format.
asciilifeform: btw if somebody wants to gzip the sexpr and base-whatever it, nobody keeps him.
asciilifeform: where book-length turd specifies how the bigint bits must be stored, etc.
asciilifeform: well ~having~ an 'armourer format' implies the whole bag of shit.
asciilifeform: i.e. the whole fucking rfc4880/2440 business.
asciilifeform: the reason i favour sexpr is that 'magic format fields' are retarded.
asciilifeform: and we will go broke over telegraph time, sending a few moar bits ?
asciilifeform: why have the blob code/decode gymnastics at all.
asciilifeform: the structure - as sexpr.
asciilifeform: with the moduli, in, yes, hex
asciilifeform: why not go the next step and have human-readable key.
asciilifeform: y'know, if yer gonna have keyboard-typable format for keys,
asciilifeform: lel, not to a lisp programmer!1111
asciilifeform: and what did 96 ever do to mircea_popescu
asciilifeform: why forsaken 33-35 ?
asciilifeform: which 90 ?
asciilifeform: 56 - i have nfi, who ever used, for what.
asciilifeform: pgp - base64 for armourgrams.
asciilifeform: bitcoin used base68 for addrs.
asciilifeform: (who and where is using base56 ??)
asciilifeform: mircea_popescu: you mean 58 ?
asciilifeform: ( we dun even know whether hashes work !! )
asciilifeform: 'key id' is a heavy burden to put on a poor old hash.
asciilifeform: mircea_popescu: with a hash that long, you may as well simply display the modulus.
asciilifeform: because It Never Happened! And If It Did, We Had It First! And Better! And Hanno Boeck! And Who Were Those Terrorists Again?
asciilifeform: (even now, observe the pains to which the supposed 'luminaries', e.g., the kernel folk, go, to avoid mentioning phuctor)
asciilifeform: just not, for some reason, publicly discussed.
asciilifeform: it's been a thing, for eons.
asciilifeform: (one of the first phuctor finds)
asciilifeform: phf: recall the faux peter anvin key ?
asciilifeform: which is where we get the mirrored keys on phuctor.
asciilifeform: sks, lulzily, continues to insist on displaying the short fp.