trinque: http://btcbase.org/log/2017-08-28#1704268 << seems entirely related. asciilifeform says no names because can't derive name from the math.
asciilifeform finds that the l0gz do not currently contain a full description of rsa
asciilifeform: does mircea_popescu know a proof that i cannot choose an alternate e that will result in a pubkey that 1) verifies some or all of the existing signatures made with his genuine e + 2) verifies another, which he did not produce ?
mircea_popescu: that's unrelated to this conversation. N is not a hash, it's the modulus.
asciilifeform: the use of a hash ( i.e. item guaranteed not to be 1:1 mapping ) to 'reference unambiguously' to something, is a fractionalreserveism.
mircea_popescu: well, and having "asciilifeform" or "17215D118B7239507FAFED98B98228A001ABFFC7" is having no portion of the pubkey.
asciilifeform: if e is free variable ( vs. '65537 4evah 4all' ) then having n is having half a pubkey.
mircea_popescu: in any case. there's no requirement that you be able to use the word "car" to go shopping in it ; and similarly there's no requirement that you be able to use a key's fingerprint to sign, or check signatures with it. the intention of the fingerprint is to permit you to reference a specific key unambiguously to a third party, such as when asking for it.
mircea_popescu: we don't agree on how that changes anything.
mircea_popescu: but this dun include es, pictures, nicks, other comments. it includes N.
asciilifeform: above however was written prior to discarding 'let's all 4evah use 65537'
mircea_popescu: as i said, making the modulus be the name has its advantages.
a111: Logged on 2017-04-09 14:45 mircea_popescu: asciilifeform incidentally, the more i think about it the more i'm convinced the ONLY "fingerprint" for rsa key may be... the modulus. 4096 bits and fuck you, if you can't take 32 chars you don't belong here.
mircea_popescu: well, at first it was about lobbes warning people not to rely on the "control dials" as provided by koch-gpg, for being unreliable ; then you wanted to talk about fps and then at some point and without warning anyone apparently pivoted to talking about pubkeys and signatures.
asciilifeform: what then, instead, about fram, ursul polar ?
mircea_popescu: what's signing got to do with the discussion ?
asciilifeform: the pubkey is the man. per mircea_popescu's own theory and practice.
mircea_popescu: how do you even put up with "asciilifeform" in the first place ? shouldn't it be stanisalvborninodessaandflownbyparentsacrossseaatcostofsellingitemsfromhouseandalsodoesntlikewashingtondcandhasagirlandahouseblablabla ?
asciilifeform: like knife exists solely to cut.
asciilifeform: crypto sigs are to be unambiguous. is the entire point of'em.
mircea_popescu: i had nfi you object to names as a matter of principle.
asciilifeform: as i see it it's an arbitrary turd.
trinque: all deedbot is offering up is an identifier within its own namespace for the - yes - full key
mircea_popescu: i'm not even sure i want gossipd lines to be longer than irc.
mircea_popescu: the fact that we're still using a what was it, 400 char line protocol has some bearing on what we call things.
asciilifeform: however they don't use hashes, so no collisions
asciilifeform: ( they die faster than born , so no shortages )
asciilifeform: mircea_popescu: why not take to logical conclusion : 1 bit : 1 == mircea_popescu , 0 == everybody else, lol
mircea_popescu was rather toying with the idea of standardizing ben_vulpes 's identifier thing across teh republic.
asciilifeform: dun matter for how long it was state of the art in my chukchistan.
mircea_popescu: so what does this practically do ?
asciilifeform: after bath (ffa) is built, i have 0 intention of continuing to rub against tree trunk to clean.
trinque: I'll go change it to encode the FP as repetitions of the string "cocks" to signify
mircea_popescu: i wonder what has to happen for it to stick.
mircea_popescu: asciilifeform you're evidently buying, seeing how, let's do it the third time...
asciilifeform: the historic 'it wasn't visible broken in my face' can justify any kind of shitcrypto, the use of winblowz, whatever customary syphilis . i ain't buying.
mircea_popescu: but somehow commerce hasn't come at a standstill by the fact that you can call a folded sheet of paper as well as a 100`000 ton transport item "boat"
a111: Logged on 2017-06-21 14:33 mircea_popescu can buy used cars. CARS. because i bought and own hundreds. i can't buy fucking used boats, and i doubt you can (or would, or do for that matter) buy used cars.
mircea_popescu: $0 usd gets you a "boat" in the sense you contemplated back at http://btcbase.org/log/2017-06-21#1672940
asciilifeform: you build bridge for 500 tanks, not for the wheelbarrows crossing river to date.
asciilifeform: that nobody saw it fit yet to do this in front of asciilifeform's face, is neither here nor there
mircea_popescu: if the above read, like ben_vulpes 's paste, five letters in base64, we'd be none the poorer.
asciilifeform: are we building a thousand year reich or not, lol
mircea_popescu: let's redo this exercise
asciilifeform: has yet to materialize to naked eye.
mircea_popescu: the detriment has yet to materialize.
asciilifeform: with this argument you could justify arbitrarily breakable fp, say.
mircea_popescu: this isn't something to be bruteforced through protocol. people can keep cabbage in pots labeled sugar all they want.
hanbot: mircea_popescu> i am (i guess?) proud to say that ro pron party included womenz to my knowledge. wtf is the point without, they jack off on the zacusci ? << issat a typo or is a jacuzzi fulla zacusca a thing?!
mircea_popescu: so trinque gets a notification that hey, you got the wrong ITEM stored under reference X.
asciilifeform: mircea_popescu's key with altered pubexp is a valid key, and not mechanically distinguishable from the original's in the absence of sigs.
mircea_popescu: that this reference is not functional, which is to say does not substitute for the thing it references, is a trivially true and entirely spurious observation.
mircea_popescu: there can be no doubt as to which key is being referenced if the reference consists of modulus.
asciilifeform: it does no such thing .
asciilifeform: it is relevant to the screaming wrongness of http://btcbase.org/log/2017-11-08#1734499 statement.
mircea_popescu: much like whether fps are or are not useful wasn't discussed by anyone but yourself. the original problem was that gpg unreliably reported "key doesn't expire" to lobbes , when in fact it did expire.
mircea_popescu: whether e is or is not part of pubkey was not at any point discussed by anyone other than yourself ;
asciilifeform: not knowing the e has exactly same effect as not knowing half of the n.
mircea_popescu: NO, this doesn't explode to where every possible PROPERTY of the item is now also going to be detailed in the name.
mircea_popescu: yes, koch fps are ineptly chosen names. yes there's value in having a biunivocal name-item relation by default.
asciilifeform: enemy can offer a diddled key with your n but his e, that he can decrypt encrypts to.
mircea_popescu: make an effort and distinguish between the thing and the thing's name.
asciilifeform: the historic cheat was to standardize the e. which imho was retarded.
mircea_popescu: but a third party asked for N knows WHAT key is being discussed. which is the point of labeling keys.
asciilifeform: so they are both rightfully part of a pubkey.
asciilifeform: just same as if you did not know the n.
asciilifeform: not deliberately, lol. but if you don't know my e , you can't encrypt to me.
mircea_popescu: asciilifeform what, we're going to share Ns now ?
mircea_popescu: nevertheless, there's no doubt as to which key is in discussion.
asciilifeform: review the algo.
mircea_popescu: this complete identification may not include automatically the irc name, or the exponent, or the user's dog's picture
mircea_popescu: you are confusing the label with the contents.
a111: Logged on 2017-11-08 21:46 mircea_popescu: asciilifeform there's no need to include the exponent. if ppl don't know what exponent to use for a certain modulus, let them find out.
asciilifeform: http://btcbase.org/log/2017-11-08#1734480 << how are they to find out ? by same argument you could as easily say 'post first half of modulus, let'em look for other half'
mircea_popescu: on which topic, i suppose also related http://trilema.com/2015/and-then-she-went-splat-on-the-asphalt/#selection-413.0-413.67
mircea_popescu: sure. but more generally, the names of things respect the rules of grammar, not the rules of mechanics.
trinque: right, I could as well use nick for that, since it's a non-colliding namespace for those
mircea_popescu: which reduces to "there ARE practical limits to labels for things ; and they are unrelated to the sizes of the things, i expect the WORD for ant, dick, car and aeroplane to all fit the ~5.6 characters rule as universally enforced in alphabet"
mircea_popescu: but if you come up with the idea that "you know what, alf can have whatever kilometric hash and in my deedbot implementation ima use the first 100 chars and that's that" im not gonna bitch.
mircea_popescu: yes, obviously we would use deflation, say baseblabla to fix this up to a point.
mircea_popescu: what happens if FC66C0C5D98C42A1D4A98B6B42F9985AFAB953C4 is longer than a chat line ?
mircea_popescu: !!key trinque
mircea_popescu: trinque the argument is that check this out :
mircea_popescu: asciilifeform unless the fucking fp can fit in irc, we're stuck building gossipd before using this "Actual thing"
mircea_popescu: asciilifeform there's no need to include the exponent. if ppl don't know what exponent to use for a certain modulus, let them find out.
ben_vulpes: and if it's not important enough to push a valid key through the cracks of the sybil wall, i guess it wasn't actually important enough.
ben_vulpes: even the mail! gotta keep the lizards on their toes.
trinque: I yet await the tale of the man who used the expiration field to his benefit.
ben_vulpes: and then send a few messages to your counterparty and get confirmation that they decrypt, and ask for the same
lobbes: asciilifeform> afaik we dun use 'key servers' for anything no moar << at least for this exercise, I was using it for quick verification of what my exported pub looked liek imported on something that was not on my local machine.
asciilifeform: observe the mendacious idiocy of koch's signature code, where if sha1 hash collision is found , can forge sigs ~regardless of what sig algo hashing was set to~
asciilifeform: how you keep straight the contents of own household, is none of my business
asciilifeform: and you're welcome to hash on own end, 'in harem'. just don't refer to my key as its hash, it is unseemly
davout: spotting small differences in a 2048 blurb subjectively sounds impractical to me
a111: Logged on 2016-12-27 05:28 asciilifeform: anything else puts a megatonne of weight on one single hash, a titanic reward for finding one single solitary collision, hashes (which are voodoo, in all variants, see friday's thread) are not built to withstand this kind of pressure.
trinque: what's this practicality argument? the paste is longer?
davout: "my cunthash256 is abcd", what's wrong with that
asciilifeform: hashes are voodoo, there is not a hash of demonstrable strength for the same reason there is not block cipher of same ( they are different sides of same medal, we had thread with elementary proof )
asciilifeform: davout: it has to be a fixed in advance hash function.
asciilifeform: yes indeed the Actual Thing costs moar than the plastic doll.