mircea_popescu: Framedragger ie, there is absolute value, IN words ?
Framedragger: asciilifeform: i claim that one can post actually valuable stuff, seen by other people; and one can post shit, and these categories can be distinguished.
Framedragger: phf: bashing and critique of shitty crypto projects, calling out their authors (see discussions between tptacek and kaepora or however the other dood's nick is spelled) - they're a valuable public service
phf: Framedragger: that's not the only thing mp does though
phf: so in other words he posts to hackernews a lot
asciilifeform: i would even say that the bulk of the real win from phuctor existing is the exposure of the actual allegiances of the so-called 'security experts'.
Framedragger: mircea_popescu: yeah, i mean, the dude thomas p tacek is, at least
Framedragger: phf: matasano crypto challenges and the new crypto ctf thing he and others did (i didn't try it) are a great public service; i mean the challenges start simple in the beginning but if one followed them to the end, actual reading of recent crypto papers would be required etc.; surely that counts as something? he didn't pioneer anything in crypto, sure.
Framedragger: asciilifeform: yeah that is fair, too, though i maintain that anyone using any such implementation is an irrevocable shithead and phuctor won't do them much good anyway - but maybe it will, i don't know; and phuctor is a needed public service anyway (so i'm not arguing against that, ftr)
mircea_popescu: this disregard of the cockroach births register can't possibly be a criticism of me.
mircea_popescu: except from my pov i dun actually care to distinguish the cockroaches to the point of naming them
Framedragger: mircea_popescu: this then is a critique of sks keyservers, strictly. there was a thread on their ML, they rejected the idea of rejecting such subkeys (...)
mircea_popescu: yes, we're adjusting the meaning of rsa-crypto to explicitly not care, as discussed yest. but this is novel.
phf: "could've checked" is the moto of reddit generation
Framedragger: mircea_popescu: okay, fair point, then. i should have checked. (maybe i will, out of curiosity / concern). not that i have *too* much faith in gpg, sure
mircea_popescu: would he truly care then ?
phf: mircea_popescu: in orcland, we have game, we put colored pants on people, and let them be our heroes. their pants distinguish their status in hierarchy
Framedragger: import subkeys with no valid self-sig? or am i misreading what is stated in the article? because to me those statements (in the broader context) are rendered into that meaning precisely.
Framedragger: mircea_popescu: http://trilema.com/2015/more-factored-rsa-keys-and-assorted-other-considerations/#selection-467.207-467.303 << with regards to "may have", can't see how that could be a problem - would be non sequitur masturbation on my part for sure; but the selected text - "Some are not signed at all - which notably means that yes gpg will import, and yes gpg will use." - does gpg actually
mircea_popescu: the... what ?!
mircea_popescu: the one true advantage of irc as we have it is that well... nobody's hanging on this thread.
mircea_popescu: "may have" is the contention ? or ?
asciilifeform: https://news.ycombinator.com/threads?id=asciilifeform << other pinoy engagements re subj.
mircea_popescu: because my recollection is, me/alf/phuctor made some very careful statements, pinoy restated them wronglyt and proceeded to win the war with the strawmen.
mircea_popescu: link to those reports then ?
Framedragger: asciilifeform: apologies if i am mistaken here, but iirc phuctor was reported to have cracked some pgp keys when at that point in time none of the keys cracked had valid self-sigs. the presentation from tmsr (trilema/phuctor) to me appeared to have overstated the results, so to speak. (but then later subkeys with valid selfsigs were found, iirc). this isn't a technical point, i suppose.
mircea_popescu: (other than in a discussion with the sort of imbecile typified today by hasimir, i dunno either of us gives half a shit.)
mircea_popescu: (on the sub-subject of "defending the power of phuctor's results" << it is entirely reactive. just as doctor defending the power of sanitation. in some contexts it's the only thing a doctor can say - and he can be rendered "ridiculous" by insisting on presenting him in that context, but really, the joke's on the unwashed.)
mircea_popescu: there's two classes composing the support there. one, the wider, is plain idiots, of the us business major sort. the other, however, hopes to be saved from some darkness within or i dunno wtf.
mircea_popescu: i perceive the following problem : in my (rightful) bashing of idiocies (allinged around "colored coins", "dao" etc, that jazz) i distinctly hear the crushed hopes of people who look at those as a refuge from something else, specifically. i suspect it's hwqat you call "anarchists"
Framedragger: as in, any claims to the contrary (of the power of those results) are attacked with such force that it hints at some kind of defensiveness; but perhaps this is precisely what it means to have a political position.
asciilifeform: Framedragger: if you have a factual criticism of whichever phuctor output, this here's the place.
Framedragger: there is a danger of one presupposing the veracity of their own's truths, but this isn't exactly an original thought or anything; just, well, i *do* observe yourself and alf defending the power of phuctor's results almost a priori as it were;
mircea_popescu: certainly liked it a shitload more than kruschev's su. which is the fucking point the idiot elides. the LEADER is ~the only concern.
mircea_popescu: asciilifeform only thing is, back then the us was run by reagan and i more or less liked it.
a111: Logged on 2016-07-07 18:09 mircea_popescu: here's something for the historian in alf! there's ancient statement of the principle, recorded in 1970 milwaukee journal : "You make yourself ridiculous by thinking you can do anything. The word is divided in two. The Russians and the Americans, no one else. What are we? Americans. Behind me there is the government, behind the government is NATO, behind NATO is the US. You can't fight us, we are Americans."
mircea_popescu: Framedragger i dun care about all that ; i'm more interested about the philosophic angle to it.
asciilifeform: the one where 'america is with us, you are a fool to resist'
mircea_popescu: trinque yeah, sure, the equivalent of vampyr, the junior high vampire cca 1990. problem is, junior high vampire doesn't actually believe there's 85,7 mn people going to his highschool, nor that the population on campus grounds exceeds that of guangzou
asciilifeform: mircea_popescu: the rando pictures himself as 'playing on the team', like the fat ball game watcher described in mircea_popescu's article on subj
trinque: asciilifeform: they're a class of mimics; of course they don't know or care where facts originate.
mircea_popescu: asciilifeform except it doesn't. it's almost exactly like random third world shithole, where random dude literally dying of hunger imagines "his pronouncement arse outranks mine". and then obv it's unfair when his daughter prefers to run away from home.
Framedragger: (maybe it should be done; but again, it appears to be covered by others, incl. qntra)
mircea_popescu: cuz it's kinda the principle, yes, empire is founded on the principle of "never argue with idiots" : they aim to exhaust everyone who knows better and then do their dumb shit.
Framedragger: nono they do not win; but i don't feel like articulating their shit every time it happens
asciilifeform: re the 'dudebros', it is part of the 'we control the vertical and the horizontal' disease. notice, if you read the heathen log, how... novel, how foreign the idea of ~downloading the keys~ and ~multiplying the factors~ seemed to these folks.
mircea_popescu: Framedragger so they win by exhaustion ?
Framedragger: (also, ha, just saw the star wars parallel)
mircea_popescu marks down august the 17th, that lulzy day when some idjit thought enigmail is "popular"
a111: Logged on 2016-08-17 16:13 mircea_popescu: evidently, the socialist party does the exact same thing. for reasons of habit however, it doesn't irk you when they do it ; only when we do it.
Framedragger: http://btcbase.org/log/2016-08-17#1523089 << point of frustration acknowledged; however, ftr it *does* irk me when $empire$ does it; i don't point fingers at *that* here because there's a point of exhaustion and tiredness re. the latter (*not* learned helplessness / acceptance, note), and it appears to be sufficiently covered by others here :)
asciilifeform: normally i ignore the peanut gallery. on occasion it leaks in through the keyhole (the inmates take the effort to write to me) and so pig fuck visit.
mircea_popescu: but really, obscure open sores neckbeards on a nowhere list ? what the FUCK is wrong with brains that makes them rot so.
mircea_popescu: are these dudebros totally fucking deluded ? for gawker tards to imagine (wrongly) that gawker sees more traffic than trilema is one thing.
mircea_popescu: "I doubt this will ever happen. Even he never cracked any PGP keys at all, the FUD he spread around was a nice way to get some free advertising. Look, people saying his name on gnupg and enigmail lists, which are quite popular I believe."
mircea_popescu: lmao these fucking idiots.
asciilifeform: well i dun have a stable of gurlz, and so end up like the folks in the old german '1 man bands', with toe-operated drum, arse-operated trumpet, cock cymbal, etc.
mircea_popescu: of course, the general point here being that we're seeing a lot of suboptimal allocation. why the fuck are you doing the job of sm gurlz, and poorly, alfie ?
mircea_popescu: there is that.
a111: Logged on 2016-08-17 13:35 boolcrap1: i really need to find my phone tho, is there a tool that can locate metal on the ground in a wide area?
asciilifeform: sorta like the loon in -otc thread, who brought up 'sipa's head' as an... argument
mircea_popescu: evidently, the socialist party does the exact same thing. for reasons of habit however, it doesn't irk you when they do it ; only when we do it.
a111: Logged on 2016-08-17 13:17 Framedragger: asciilifeform: well, it is true that if you use (semi)sane software for dealing with openpgp, all the diddled keys won't cause a problem for ya.
mircea_popescu: http://btcbase.org/log/2016-08-17#1523032 << there is a major difference between scientific speech and political speech. i don't care about the stupid conclusions random nobody arrives at. the moment however he emits judgements of value that happen to contradict mine, i no longer care HOW he arrived at them, merely that he stated them.
mircea_popescu: asciilifeform by now there's a bunch of wanna-be this chan scattered around huh.
asciilifeform took the chance of trying to cure the schmuck, see linked heathen l0g. did not, of course, have any effect.
deedbot: mircea_popescu rated hasimir 1 at 2015/05/21 21:29:19 << Ben McGinnes, aparently the new treasurer of Pirate Party Australia
trinque: there! you see!?
a111: Logged on 2016-08-17 12:54 asciilifeform: ' Hasimir and the "corrupt keys" FUD raised semi-regularly by certain people in another bitcoin channel is just that; ill-informed FUD'
a111: Logged on 2016-08-17 11:45 BingoBoingo: <mircea_popescu> also, remember the pre-attacking mp days of f2pool + antpool ? back in march ? << What? History and the future were ever different from now?
asciilifeform: '“Without a doubt, they’re the keys to the kingdom,” said one former TAO employee, who spoke on the condition of anonymity to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.”'
asciilifeform: <gribble> Sent 12 minutes ago: <Hasimir> Back it up with verifiable evidence, otherwise there's nothing but FUD. If you're serious about proving it, I'll go find the challenges in the archives; if not I guess I'll only see IRC ranting
asciilifeform: <gribble> Sent 13 minutes ago: <Hasimir> a lot of allegations were made based on some corrupted data found on a single keyserver, yet none of the challenges or even queries from regular posters to gnupg-users were even responded to.
asciilifeform: in yet other noose,
asciilifeform: ^ in other noose.
asciilifeform: https://theshadowbrokers.tumblr.com << deleted.
a111: Logged on 2016-08-17 07:16 mircea_popescu: lo and behold that by august those two barely hold on to a third ; and there's a dozen or so pools over 1%.
a111: Logged on 2016-08-17 07:13 mircea_popescu: as there's not a single 0 tx block in there, seems the fee market has actually done a lot to fix various historical mining problems.
asciilifeform: http://btcbase.org/log/2016-08-17#1523011 << afaik there is no fee market. there is folks slicing off underfee'd crapolade ad-hoc, but it is not same thing.
asciilifeform: boolcrap1: the tool is called 'squad of duded with minesweepers'
boolcrap1: i really need to find my phone tho, is there a tool that can locate metal on the ground in a wide area?
boolcrap1: that was the first step.
boolcrap1: i actually finally got a new motherboard
asciilifeform: ditto the null rng keys
asciilifeform: Framedragger: i'm more interested in the 'fact of' somebody taking advantage of the js idiots, than in the item per se.
Framedragger: ("random js pgp crap" does not belong in the "(semi)sane software for dealing with openpgp" set)
Framedragger: asciilifeform: well, it is true that if you use (semi)sane software for dealing with openpgp, all the diddled keys won't cause a problem for ya.
asciilifeform: ' Hasimir and the "corrupt keys" FUD raised semi-regularly by certain people in another bitcoin channel is just that; ill-informed FUD'
thestringpuller: no man's sky is what happens when you try to live off the hype
BingoBoingo: <mircea_popescu> also, remember the pre-attacking mp days of f2pool + antpool ? back in march ? << What? History and the future were ever different from now?
Framedragger: "It takes 4 seconds to generate a colliding 32bit key id on a GPU (using scallion). Key servers do little verification of uploaded keys and allow keys with colliding 32bit ids. Further, GPG uses 32bit key ids throughout its interface and does not warn you when an operation might apply to multiple keys."
a111: Logged on 2016-08-15 13:14 asciilifeform: http://btcbase.org/log/2016-08-15#1521780 << these take at worst a ~week of (a very modest) cpu, to generate.
mircea_popescu: lo and behold that by august those two barely hold on to a third ; and there's a dozen or so pools over 1%.
mircea_popescu: also, remember the pre-attacking mp days of f2pool + antpool ? back in march ?
mircea_popescu: as there's not a single 0 tx block in there, seems the fee market has actually done a lot to fix various historical mining problems.
mircea_popescu: incidentally, what the fuck are people on about with "full blocks" ? past 8 hours average load is 900ish kb.
mircea_popescu: quora, a place for people to be lesswrong together.
mircea_popescu: and in other news from the sisterhood, http://67.media.tumblr.com/45c62719f6c8ded816b1083ae619ff34/tumblr_mhmfbiYIHz1qlnecbo1_500.gif
a111: Logged on 2016-08-17 05:05 trinque: that and the puppeteer's hand up his ass.
mircea_popescu: http://btcbase.org/log/2016-08-17#1522996 << yeah, i yield the point ; seems alf's theory prevails. at some point the guy was gutted, the skin made hand puppet.
a111: Logged on 2016-07-22 12:20 mircea_popescu: http://btcbase.org/log/2016-07-21#1508508 << how about it phf, see the merit of having a111 archive.is every link it sees, downloading the zip and then presenting a [cached] [saved] pair of links after the line ?
mircea_popescu: o btw phf, you aware of http://btcbase.org/log/2016-07-22#1508571 ? you never said anything. more generally, do you see the value in a ticket set for a111 on mod6 's thing ?
a111: Logged on 2016-08-16 21:36 asciilifeform: mircea_popescu: i had two arguments. one is that it dramatically simplifies the design of the cryptotron. (essentially becomes a mildly scriptable bignum calculator.)
mircea_popescu: the more i'm thinking about it, the more it becomes obvious you're trying to split this wood ( http://btcbase.org/log/2016-08-16#1522843 ) in the right place alf.
trinque: that and the puppeteer's hand up his ass.
trinque: http://www.cnet.com/news/snowden-nsa-hack-russia-warning-election-democratic-party/ << Snowden wrote the "circumstantial evidence and conventional wisdom" suggested Russia was behind the alleged hack.
phf: "Our records show that you are the owner of 2 Urbit planets."
asciilifeform: under $8,000 a year. The Olympic Prison promised over 200 new “recession-free” jobs, at a starting salary of $15,000, a huge boon for an area with the state’s highest unemployment rates for much of the ‘70s. "It's the most sensible idea anyone's come up with yet," Lake Placid Mayor Robert Peacock told the media. As manufacturing and agriculture moved out of rural America, the prison industry moved in.'
asciilifeform: http://www.atlasobscura.com/articles/the-time-that-the-us-turned-an-olympic-village-into-a-prison << lulzy. e.g., 'If prison construction in urban and suburban areas triggered not-in-my-backyard backlash, prison construction in rural areas, and upstate New York in particular, became seen as an economic development solution. According to officials of the local antipoverty program, half of Essex County households survived on an income
pete_dushenski: http://www.usglassmag.com/2016/07/breaking-ppg-sells-assets-of-flat-glass-business-to-vitro/ << nuts. mehicanos snap up 100+yo us glass business. not even trump's wall can stop pesos from being launched over the border.
pete_dushenski: asciilifeform: i seem to recall that kako was 'audiophile', which lends some credence to your theory
asciilifeform: removal thereof.
a111: Logged on 2016-08-16 22:31 mircea_popescu: sure, they could. what's keeping them from propagating into "your" transformer ? will github ban them if they don't respect notions of propriety ?
asciilifeform: http://btcbase.org/log/2016-08-16#1522921 << veblenism (e.g., audiophilia, homeopathy, etc.) is a disease caused by idiot coming into possession of money. and there is only ONE cure.
trinque: nbd, just saw it while in there
BingoBoingo: trinque: Thing will likely be staticified at some point. Tis the juggler's ball of least concern.
trinque: BingoBoingo: thedrinkingrecord.com/feed/ is shitting mysql errors
mircea_popescu: oh, the item simply doesn't exist down here.
pete_dushenski: http://www.recode.net/2016/8/16/12504008/univision-is-buying-gawker-media-for-135-million << in other darkness news
shinohai: the mp-wp rss feed worked out of box for me
BingoBoingo: <trinque> your thing shat non-ascii << AHA, pete_dushenski's rss has long been the bane of town crier bots
mircea_popescu: and in other great successes of provisioning, i fucking found horseradish. i rule.
a111: Logged on 2016-08-16 14:45 asciilifeform: so now the octopus tendrils proclaim, that he died of dope, http://publicaddress.net/speaker/the-uncomfortable-silence
trinque: well mine's easily fixed; however, I'm putting it here show that this is the kind of moron busywork that comes of taking something like RSS as bedrock
pete_dushenski: trinque: what am i looking at there ?
a111: Logged on 2016-08-16 01:35 mod6: <+pete_dushenski> mod6: pleased to report that 99994k spins up on deb7 without fuss. only comment would be on 'trb-howto' to suggest '-lows' command when booting bitcoind for the first time. << hey! Thanks for testing that!
mircea_popescu: sure, they could. what's keeping them from propagating into "your" transformer ? will github ban them if they don't respect notions of propriety ?
mircea_popescu: i don't get this nonsensical theory. Electromagnetic interference from appliances being used by neighbors could propagate through a shared transformer and have an audible effect. Thats not an unreasonable thing.
a111: Logged on 2016-08-16 22:20 pete_dushenski: sonal transformer—that thing shaped like a cylindrical metal garbage can—which feeds power more directly from the grid.'
pete_dushenski: sonal transformer—that thing shaped like a cylindrical metal garbage can—which feeds power more directly from the grid.'
pete_dushenski: 'The 82-year-old lawyer already had a $60,000 American-made amplifier, 1960s German loudspeakers that once belonged to a theater, Japanese audio cables threaded with gold and silver, and other pricey equipment. Normal electricity just wouldn’t do anymore. To tap into what Mr. Morita calls “pure” power, he paid $10,000 to plant a 40-foot-tall concrete pole in his front yard. On it perches his own per
pete_dushenski: http://www.wsj.com/article_email/a-gift-for-music-lovers-who-have-it-all-a-personal-utility-pole-1471189463-lMyQjAxMTE2MzE4NjExMjY1Wj << in other 'that's it i'm making my own' news
pete_dushenski: trinque: ftr, i appreciate your contributions. goodness knows you save me the effort of manually dropping contravex links in here myself. plus authing! and searching! /me would be up shitcreek sans paddle w/o deedbot.
trinque: y'know, I publish to date the simplest ball of code ever to IRC-bot and all you people want me to do is polish some w3c dumbshit's standard
asciilifeform: pete_dushenski: good chunk of folk went through entire ww2 with a suspended death sentence, because there was elementarily no replacement for them.
BingoBoingo: http://qntra.net/2016/08/github-enforces-usg-nsa-copyright-and-other-lols-roundup-xtendd/
pete_dushenski: but that falling asleep at one's lookout post is punishable by death has been sop from day one in most every culture worth the mention. even canada.
pete_dushenski: ^contained therein is a translation project for readers of 'traditional' chinese script. my connex seem to think it's gibberish, but 'moar eyez halp' (tm) (r)
pete_dushenski: http://www.contravex.com/2016/08/16/cn-sms-mitm/ << because deedbot fell asleep on the lookout tower, a capital offence!
mircea_popescu: well no, jurov compiles the client for windows with something ; iirc llvm also worked.
asciilifeform will have usable measurements, packaged with code which produced them, by end of month.
asciilifeform: speaking of this, where did we leave off there
mircea_popescu: there's a time for that. some spaces really could do without a lot of cruft.
asciilifeform: as mircea_popescu can probably tell, i really loathe publishing half-cooked items.
asciilifeform: i suppose i ought to dust off an' publish the 'p' demo.
mircea_popescu: i'd like to leave this matter open for further thinking.
asciilifeform: another is specificity-of-diddling.
asciilifeform: mircea_popescu: i had two arguments. one is that it dramatically simplifies the design of the cryptotron. (essentially becomes a mildly scriptable bignum calculator.)
mircea_popescu: just make new keys, why carry along the twin headed eagle of austria.
mircea_popescu: should we tomorrow move to cs crypto, there'd be no reason to "upgrade" "extant" rsa keys.
asciilifeform: incidentally usg is so mortally afraid of reconfigurable crypto that it is SPECIFICALLY banned in the export ban list.
mircea_popescu: yes, but i suspect we solve all that through not including idiocy in the spec.
mircea_popescu: there is that.
mircea_popescu: and i would propose this as an example of the pernicious effects of category 3 of bad stuff selfsig did. it made people think "key" is "identity". when in fact it's algo->key.
mircea_popescu: yeah, been thinking about that. my current idea on the topic being - that it's stupid to do THAT, because the key is subnode not overnode of algo.
mircea_popescu: so then. i dunno anything cleanner than this, myself.
asciilifeform: including, recall, even ability to specify a new crypto algo in the key itself.
mircea_popescu: moreover, asciilifeform , the design doesn't PREVENT me from signing my own fp and publishing the fp - e,N,c set so signed.
mircea_popescu: this is an argument no different from "oh but mp, why http://trilema.com/2014/spamming-reddit-an-experiment/ it will just increase the "activity levels" on site". i'm sure it will.
asciilifeform: consider, not 1 of the popped keys belongs to a 'human' in the sense of somebody we know via wot.
asciilifeform: in this case what is the use of phuctor ?
mircea_popescu: we do that across the board. help it feed hurts it.
asciilifeform: well mircea_popescu can specify 'i dun care what happens to the 10,001' idiots
mircea_popescu: but we're not here to serve the consumer. we're here to make things right.
mircea_popescu: the "noob can't think" argument can be used by me too, you know.
mircea_popescu: lol. hence all the stuff on phuctor.
asciilifeform: if i substitute mp@nsa.gov for the polimedia.us, selfsig barfs.
mircea_popescu: the above was re encryption.
asciilifeform: you sign with the pubmod and e.
asciilifeform: the one nitpick is that you cannot sign with an fp.
asciilifeform: (recall, it is quite simple to generate the public modulus from it)
asciilifeform: mircea_popescu: what would enemy win if he ~could~ reconstruct the one element he cannot derive from the ciphertext, the userid string ?
mircea_popescu: and importantly, to continue this discussion asciilifeform , enemy can not reconstruct fp on the basis of intercepting your comms to me.
mircea_popescu: otherwise, you can check jack.
mircea_popescu: and you can check that it is, but only BECAUSE you are you and have them both.
phf: asciilifeform: wouldn't there just be a process to work with primes primes directly?
mircea_popescu: asciilifeform not manually ; but you will get a notification from me saying "please use 54kh6kl54j3l45 instead of ,mn54,35lkjh4l3 from now on. it's the same modulus".
asciilifeform: sooo if mircea_popescu gets a new userid (say he throws out his polimedia domain because dns is run by hitler) i have to compare the mods manually ?
mircea_popescu: as they say, "save this sort of idea for when your father gives you your part of heavenly kingdom"
phf: well, primes stand on their own, then there's clientside mapping mp -> sexp of primes. anything else can be distributed by any other channel, including "with key", signed by the primes.
asciilifeform: rather, it was a kind of strong checksum.
asciilifeform: mircea_popescu: if phrased this way, it sounds quite laughable. but this was never the point of selfsig
mircea_popescu: asciilifeform the "selfsig" comes in the form of "i obtained this key of mp from verified channel to mp".that's the sig.
asciilifeform: mircea_popescu: i quite agree. if mircea_popescu wants to distribute his own key without selfsig in the sexpr, he is welcome to.
mircea_popescu: phf they COULD just have made that "Comment" in some serialization and did the fp over it like i propose and been scott free.
phf: mircea_popescu: oh bunch of random shit, first name last name comment date generated random DOS era flags. all the stuff that's been brought up before
asciilifeform: but it do NOT see the win from letting any arbitrary bit of binary garbage pass itself off as a valid rsa key + userid set.
asciilifeform: phf: i have no dispute re packaging the sig separately.
mircea_popescu: phf what meta ? the comment ?
mircea_popescu: this is the problem with socialist solutions : they cap the benefit certainly ; and offer some solution that half works. so you've traded the long tail of the future for the guarantee of current failure.
mircea_popescu: the one thing you can't do is - SELF SIG.
mircea_popescu: what the fuck is a "self sig" ?
mircea_popescu: 3) as it's theoretically nonsensical, it feeds a bunch of idiotic yet unconscious expectations in the mind of the user. i am well convinced that the general "i'll pull myself by own breeches" attitude of "creative" people is both due to and resulting in the gpg selfsig
asciilifeform: well, the way it is done in gpg (rsa sig of sha1) is indeed retarded
mircea_popescu: as it's not acctually correctly designed it 1) creates false sense of security ; 2) creates unnecessary byzantinism and "can't pop the hood on this"
mircea_popescu: sure. some classes : as it's unnecessary in the discussed scheme, it 1) adds weaknes through requiring unneeded computation ; 2) gives crevice for shitgnomery for no reason (see anvin bs) ; 3) possibly creates weakness through unnecessary computation on key generation
mircea_popescu: i want it to work this way though. if you take away my comment from my key and add something about how "miss piggy is the hawtest!!1" it's not, in my view, the same item.
asciilifeform: the 'fp as authenticator' only works if you, as mircea_popescu suggested, hash over the id string.
asciilifeform: issue remains with the first time you encounter a modulus/fp set.
mircea_popescu: anyway, fp is "checksum" de facto - if your modulus rotted it will no longer match the fingerprint
mircea_popescu: it's not "the sks server" that is retarded. is the concept of machine-spread rsa key that's retarded ; much in the way of "machine-generated trust", be it embodied in "dao" or "colored coins" or "safe bitbet"
mircea_popescu: anything they know works.
asciilifeform: who, then, can ?
mircea_popescu: and you ask the owner "is this right"
mircea_popescu: how da fuck did you get the key ?
asciilifeform: having folks 'die and reborn' because they switched email hosts is braindamaged.
mircea_popescu: a) it becomes no longer obvious for enemy whether key is or is not = key he wants to look for.
asciilifeform: selfsig, on other hand, covers whole thing.
asciilifeform: there we go.
mircea_popescu: and for the record, base-tmsr=` !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_abcdefghijklmnopqrstuVWXYZ{|}~`
asciilifeform: 'saving bits' belongs at ~that~ layer, not in the crypto format.
asciilifeform: btw if somebody wants to gzip the sexpr and base-whatever it, nobody keeps him.
asciilifeform: where book-length turd specifies how the bigint bits must be stored, etc.
asciilifeform: well ~having~ an 'armourer format' implies the whole bag of shit.
asciilifeform: i.e. the whole fucking rfc4880/2440 business.
asciilifeform: the reason i favour sexpr is that 'magic format fields' are retarded.
gribble: The operation succeeded.
asciilifeform: why have the blob code/decode gymnastics at all.
asciilifeform: the structure - as sexpr.
asciilifeform: with the moduli, in, yes, hex
asciilifeform: why not go the next step and have human-readable key.