[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Sks-devel] exchange of ideas
From: |
brent s. |
Subject: |
Re: [Sks-devel] exchange of ideas |
Date: |
Fri, 22 Mar 2019 21:16:10 -0400 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.3 |
On 3/22/19 4:50 PM, fuat wrote:
> Hi everybody,
>
> Is it a security threat to keep public keys in the sks database in the
> directory as an .asc file?
>
> Can it be done? Why can not be done?
>
> What are the advantages and disadvantages?
>
> I'd appreciate it if you sent me your ideas.
>
A *security* threat? As long as it's the public key, no.
But you don't really gain anything but problems from it, because:
- the ASCII-armored version of a key takes up more bytes in storage than
the binary format (this is true of any binary => BASE64 conversion,
especially with the headers that ASCII-armored format includes)
- the ASCII-armored version would need to be converted to binary anyways
to properly be parsed by the underlying library (someone fact-check me
on this, I'm about 80% certain on this)
- the underlying library can convert to ASCII-armored anyways for
rendering to clients that request it
--
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info
signature.asc
Description: OpenPGP digital signature