[Babel-users] [babel] BASE64 and hex encoding HMAC keys for user presentation
Juliusz Chroboczek
jch at irif.fr
Sat Dec 22 16:25:43 GMT 2018
> I would like the bird and babel implementations to allow for and use
> BASE64 and hex encodings.
> This allows for a shorter, more human friendly representation of both
> cryptographically generated keys and the keys humans are more likely
> to remember and type without error. In the latter case, guidelines as
> to length, mixed case and punctuation would be useful.
I think that the HMAC key should be generated automatically. I'd hope
that any actual production deployment of HMAC would generate HMAC keys
either randomly or by using a suitable KDF (or whatever the right acronym
is) and distribute it automatically.
(At the current time, I'm not advocating designing a key distribution
protocol to go with HMAC -- I'm in favour of using a centralised script
that uses ssh to distribute keys. Please see https://cr.yp.to/djbdns/tcp.html)
So no, I'd rather not encourage people to generate HMAC keys manually.
-- Juliusz
More information about the Babel-users
mailing list