Re: [Sks-devel] exchange of ideas

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] exchange of ideas

From:	brent s.
Subject:	Re: [Sks-devel] exchange of ideas
Date:	Fri, 22 Mar 2019 21:16:10 -0400
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3

On 3/22/19 4:50 PM, fuat wrote:
> Hi everybody,
> 
> Is it a security threat to keep public keys in the sks database in the
> directory as an .asc file?
> 
> Can it be done? Why can not be done?
> 
> What are the advantages and disadvantages?
> 
> I'd appreciate it if you sent me your ideas.
> 

A *security* threat? As long as it's the public key, no.

But you don't really gain anything but problems from it, because:

- the ASCII-armored version of a key takes up more bytes in storage than
the binary format (this is true of any binary => BASE64 conversion,
especially with the headers that ASCII-armored format includes)

- the ASCII-armored version would need to be converted to binary anyways
to properly be parsed by the underlying library (someone fact-check me
on this, I'm about 80% certain on this)

- the underlying library can convert to ASCII-armored anyways for
rendering to clients that request it


-- 
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] exchange of ideas, fuat, 2019/03/22
- Re: [Sks-devel] exchange of ideas, brent s. <=
  - Re: [Sks-devel] exchange of ideas, brent s., 2019/03/22
    - Re: [Sks-devel] exchange of ideas, brent s., 2019/03/22
  - Re: [Sks-devel] exchange of ideas, fuat, 2019/03/22
    - Re: [Sks-devel] exchange of ideas, brent s., 2019/03/23

Prev by Date: [Sks-devel] exchange of ideas
Next by Date: Re: [Sks-devel] exchange of ideas
Previous by thread: [Sks-devel] exchange of ideas
Next by thread: Re: [Sks-devel] exchange of ideas
Index(es):
- Date
- Thread