Re: [GNUnet-developers] host key storage format

[Christian Grothoff]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 21 January 2003 07:54 am, Glenn McGrath wrote:
> I can see from comments in hostkey.c that in moving to support openssl
> and libgcrypt, that there is a problem brewing over the format that the
> host key is stored in, and the encoding used on it.
>
> If the format is going to have to be common to both libraries, would it
> make more sense to use an existing standard, like the format ssh or gpg
> uses ?

The goal for this comment was to be eventually able to have everything be 100% 
compatible between 0.5.0 and 0.5.1 (or whenever we switch from OpenSSL to 
libgcrypt). This way, nobody needs to get a new hostkey (so far, all GNUnet 
releases have used the existing hostkey format and thus trust was accumulated 
from 0.0.1 to 0.5.0; it would be great if we can support that hostkey format 
in the future, too).

About switching to standards, have a look at this:

address@hidden grothoff]$ ls -l .ssh/identity
- -rw-------    1 grothoff grothoff      992 Jun  8  2002 .ssh/identity
address@hidden grothoff]$ ls -l .gnunet/.hostkey
- -rw-------    1 grothoff grothoff     1170 Nov 12 19:19 .gnunet/.hostkey

So by the looks of it, the GNUnet format stores *more* information about the 
key than the SSH format does (both are mostly binary formats and the GNUnet 
format has actually fewer bytes used for headers). The reason is, that GNUnet 
stores some extra values from the private RSA key that can then be used by 
OpenSSL to speed up public key operations. By the looks of it, the SSH key 
does not contain some of these.

Christian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+LaGm9tNtMeXQLkIRAtyFAJ4l4mrkjJT3eQE58486O+U/YiarJwCeO28N
telOwAtlQCgzVM46kzfGjuI=
=4ttE
-----END PGP SIGNATURE-----