phf: asciilifeform: for the record there's not a single line of ffi in ironclad. we've had this conversation before
phf: it also has rsa, but ~rsa~ only, i.e. no openpgp containers, etc.
phf: re "liberty with whitespace" there's something else going on. it's doing everything through unsigned-byte 8
mircea_popescu: i have nfi why it was even specified other than a love of bloat. all the bs 224 384 blabla does not belong. either you word align or go away.
mircea_popescu: i see the link. i suspect variant sha512 implementations.
mircea_popescu: "The SHA-1 is used to compute a message digest for a message or data file that is provided as input. The message or data file should be considered to be a bit string. The length of the message is the number of bits in the message (the empty message has length 0). If the number of bits in a message is a multiple of 8, for compactness we can represent the message in hex. The purpose of message padding is to make the total length of a padded message a multiple of 512. The SHA-1 sequentially processes blocks of 512 bits when computing the message digest. The following specifies how this padding shall be performed. As a summary, a "1" followed by m "0"s followed by a 64-bit integer are appended to the end of the message to produce a padded message of length 512 * n. The 64-bit integer is l, the length of the original message. The padded message is the
mircea_popescu: check that out, there's no actual fips 180 past 1 published online. because why the fuck would there be. anyway, i can't source this "The SHA512/384 spec says that the final bit length of the message is to be stored as a 128-bit (!) integer at the end of the message." assertion. as best it can be determined the blocks are either 512 (for sanity) or 1024 bits (for 384 hmac etc)
phf: nah, it's gotta be online
mircea_popescu: also if they "publish" it in klyngon, or in cuneiform, or etcetera. published means it works on computers.
mircea_popescu: (in principle the off-bits versions, 299, 511, whatever monkey numbers should be merely truncated versions of the immediately above hash. but who even knows by now.)
phf: (i remember there being a standalone sha256 (?) version for sbcl, but i can't find it now. everything crypto that's coming up re lisp is ironclad.)
mircea_popescu: pete_dushenski you know ftr sourdough is supposed to be made at home.
pete_dushenski: mircea_popescu: i guess too busy making lasagna and quiche (like rest of tmsr!). homemade nanaimo bars too.
pete_dushenski: they're often either too sweet or too buttery but can be made to be quite tasty by savvy bakers.
pete_dushenski is also spending holiday time shopping for boxen on which to run eulora because mac hack is more hassle than it's worth.
pete_dushenski: this is only partially disappointing because i) no one ever said macs were computers anyways, and ii) who doesn't like new toys ?
pete_dushenski: holy fuck are they cheap too. boxes that were $8k a decade ago are now cad$100. basically free.
pete_dushenski: naturally, the deal is being sweetened : "All those who invest in Bitstamp on the BnkToTheFuture platform before midnight 1 January (UTC -12) can now get 12 months of anti-dilution protection on their investment!"
mircea_popescu: http://btcbase.org/log/2016-12-26#1590742 << and in typical fashion of the utterly imbecile "average joe", the idiots wish to opine about the viability of mpex, where no issuer EVER diluted, and say nice things about pure and simple scams with free dilution a la twocan exchange.
a111: Logged on 2016-12-26 06:07 pete_dushenski: naturally, the deal is being sweetened : "All those who invest in Bitstamp on the BnkToTheFuture platform before midnight 1 January (UTC -12) can now get 12 months of anti-dilution protection on their investment!"
mircea_popescu: then they wonder why the barriers in front of them are only going up. because seriously, who could POSSIBLY not want anything to do with idiots this idiotic. who! who!
mircea_popescu: in other news, holy shit the white house interiors are an abomination. there's flea markets more tastefully arranged by the process of randomly unloading vans what the fuck.
mircea_popescu: and in other lulz : jonathan pollard, a guy who stole and sold (to israel, and to others) all sorts of holies of the usg (including the nsa's utterly ridiculous 5k page manual on "how to conduct signals intelligence" - no part of which is actually useful in practice much like satoshi's bitcoin miner code is not used by any actual bitcoin miners) was released in 2015 (with much gnashing of teeth, because back when he was conv
mircea_popescu: the usgians of course don't want him to be released, so they have this parole thing where he can't leave the us "for five years" and "can't use internet or give interviews" etc. the stance was challenged a few months ago on the correct basis that "nothing he stole or could have stolen 30 years ago is still secret today". nevertheless clapper chose to perjure himself by swearing for the judge that on the contrary, the usg actu
mircea_popescu: the judge ate it, of course, but let it be pointed out this is so fucking ridiculous as to defy any reason. there is NO information privy to the USG that is secret from the world, except by case of obscurity.
Framedragger: is there a tmsr keyserver, in the sense of one being able to link to a gpg fingerprint known to WoT, as a permalink?
Framedragger: i mean, a way to request full public key, with some stable/deterministic permalink url format.
mircea_popescu imagined everyone knows about that owing to his constant usage.
shinohai: BingoBoingo: the text is the same as the article I submitted earlier?
BingoBoingo thought it was weird mp would submit altcoin followup
phf: it follows the existing naming convention of thing-genesis with "genesis" reserved for trb
mircea_popescu: incidentally, patches currently can be arbitrarily renamed with no visible effects is it ?
scriba: Logged on 2016-12-26: [18:24:39] <mircea_popescu> Framedragger phuctor's best we got atm.
Framedragger: ben_vulpes what mp said; yeah it's useful, but knowable-beforehand http endpoint has its merits :)
mircea_popescu: note that because of alf's more complex hashing scheme you actually get closer to "permanent" urls than the imperial key servers can get.
a111: Logged on 2016-12-26 18:28 mircea_popescu: and it's not deterministic url.
trinque: could as easily switch to asciilifeform's hashing scheme. is it described somewhere?
Framedragger: (so, hash of modulus and concat(userstring, "; ") it seems)
trinque: asciilifeform: will this hash format be something meaningful once folks switch to using P for RSA ?
Framedragger: imho hash format makes sense - it's just modulus and arbitrary 'user' field. dunno if it's still wanted to just have e,N,comment but if so, comment could be userstring in terms of mapping fingerprints to new rsa format.
mircea_popescu: would work. moreover the scheme is flexible enough to allow for later extension
mircea_popescu: (if "userstring" is redefined to be for eg "a";"b" items nothing breaks.)
Framedragger: quite! i'd say it's flexible and elegant (in terms of minimal complexity) enough
Framedragger: in P, alf wants to have hashing func etc be defined within the key itself. but maybe all that is not relevant for the purposes of a universal fingerprint scheme.
Framedragger: (well, the scheme as proposed does use a particular hashing func (sha256), so that part is contestable i suppose.)
mircea_popescu: in principle the e, N part can be arbitrarily lengthy, with the semantizating convention that "e" represents "settings" and N represents "values". should be perfectly possible to describe any future key in these terms irrespective of cryptosystem.
mircea_popescu: ie, if P uses 8 boolean flags and 31 one byte settings then e can be a 32 byte value
Framedragger: (one more note, even if alf or sb protests use of particular hashing func for fingerprint scheme, the fact of the matter is that one does kind of require for a universal fingerprinting scheme to exist.)
jurov: have you considered using N alone as the ID? or it's impractically long?
a111: Logged on 2016-11-23 16:14 asciilifeform: 'key fingerprint' is a broken concept.
Framedragger: iirc 'user' field was needed as multiple different keys belonging to different users may have same N
Framedragger: but then again, perhaps in tmsr-semantics, it *is* the same key :)
jurov: there are some other semantics where it's considered different key?
Framedragger: well. for one, it's nice if you can distinguish between different keyholders, no? in the particular case of ssh-rsa keys, "which ip used this key?"
Framedragger: if fingerprint == N, it cannot distinguish between different referents, so to speak
Framedragger: all this while acknowledging that if you have same N, you have, *for practical purposes*, same key. but maybe i've messed it up in my head.
Framedragger: (so i don't know. maybe 'keyholder' is really not a property of a key. which i guess it isn't; so maybe i'm just generating noise)
jurov: and what are you actually building here? what is the cause? to make ornithological observations "this key was spotted at address X at time Y" or something?
jurov: you surely know at least this
jurov: i was thinking we're in keyserver context, not ^ this
Framedragger: original query re permalinks for WoT keys was a practical use case of being able to point someone to a key in WoT
Framedragger: contexts inevitably switched when 'fingerprinting scheme' discussion enters
Framedragger: but you're right, i suppose i have ornithology in mind here, which is not relevant. that's a separate thing, really. it's exactly an observation which shows an association (key <-> holder at some point in time).
jurov: I hope the answer to "two distinct people in wot having the same N" is clear.
Framedragger: with regards to keyserver, my use of them makes me biased in the sense of thinking of keys as necessarily having user IDs in them. "key has some particular holder". not really the case i guess :)
Framedragger: right.. "it's the same person, for our purposes."
jurov: to say it from another angle, you don't (and can't) have persons in the database. it's all just a key with some tags attached, not the other way around
Framedragger: thanks for clarifying... so then it's just the same key. and things like 'IP of this key' really is a separate matter. (it was put into gpg user field as a matter of convenience of course.) should have been obvious...
Framedragger: i guess one may have a database of keys, as well as a table of signed-with-key nicknames which establish someone claiming a nickname for key? sort of gns. alternative scheme is to have any kind of aliasing be local, as per gossipd. less convenient for things like looking up nickname in wot.deedbot.org of course.
jurov: that's up to you how you normalize it. i see three levels - the public key itself (N), any additional information needed to verify signatures (e), and everything else
shinohai: !!trilema 838E50C4AE5BAB4067827E49C62FE266448F4691791B561A69425F5F85313FDF
shinohai: !!v 838E50C4AE5BAB4067827E49C62FE266448F4691791B561A69425F5F85313FDF
deedbot: shinohai updated rating of diana_coman from 1 to 2 << Eulora trades always fair and fortunate.