Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

As a member of the encrypt-everything clique I have to say, though Moxie has a point, Gnupg is infinitely better than alternative of nothing at all. Until someone comes up with a solution that preserves its power and flexibility and marries it with a functional UX -- I shall keep using it


I kinda like the solution of embedding public keys in email addresses:

name+8znBcmtXJ2ZeSn7fWVCGfpQI9HnJH1pNBPK397SGrT8=@gmail.com

Sure, you'll never actually tell someone this, but it's short enough to copy/paste.


With modern ECC this is actually feasible.


Yeah, that's an actual ECC public key in my example above.


I'd recommend going base32 instead of base64 (case sensitivity won't screw anything up) and not padding with = characters. I know not padding violates RFC 4648 but I don't know anyone who's used to a = in their email address.


Base32 would be too long, but maybe the equals sign could be elided, yeah.


Base58 it is, then (no non-alphanumeric characters so you can double click and it will select the whole string, no similarly-looking characters you could mistype (1 and l, 0 and O...))

(https://en.wikipedia.org/wiki/Base58)


Isn't IBE quite slow? And also it requires a third party for keygen and so on.


What is IBE and who said anything about it?

I was talking about EdDSA.


IBE is Identity Based Encryption, and it allows you to use your identity (name, email, etc.) as your public key.

There's nothing special about EdDSA compared to other digital signature schemes.

EDIT: Oh, I realize you were saying that ECC allows much shorter public keys than most signature schemes.


I like the idea, but you'd be amazed at how many databases only allow 30 character email addresses, or javascript email validators that don't recognize "+" as a legal character.


Someone has started building this:

https://github.com/diafygi/emailpk


I've always wondered if there was a way to transmit the public key in the SMTP envelope, to make it easier to share keys.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: