Skip to content

README.md mention usign #45

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
aperezdc merged 2 commits into from
Mar 6, 2024
Merged

README.md mention usign #45

aperezdc merged 2 commits into from
Mar 6, 2024

Conversation

@stokito
Copy link
Contributor

@stokito stokito commented Sep 29, 2023

The usign was already discussed in #29 but missing in the README.

I trying to understand and have some stupid question.

  1. Why not just to use gpg? Is anything wrong with the gpg except of it's size. So far it looks like the gpg didn't supported the ed25519. It supports them today but you still need to use some extra options.
  2. Why the signify .sig files aren't compatible with PGP format? As far I understood the gpg sig files are slightly bigger and have more fields [1]
  3. Similar question but for key files: they have own format and my file manager doesn't recognize them as key files and doesn't show an icon for example. Also the secret file must have the .sec extension while usually the secret files have .key prefix.

I really don't like that in such critical things like cryptography so easy to mess with something because so many programs that duplicates each other, lack of interoperability and tutorials differs significantly.

[1] https://www.rfc-editor.org/rfc/rfc4880.html#section-5.2.3

@stokito
README.md mention usign
4e546fa 
The usign is another signify clone
@stokito
Update README.md: mention Minisign
89d9f3e 
It was discussed in #20
@stokito
Copy link
Contributor Author

stokito commented Oct 24, 2023

Answering to my questions: the GnuPGP didn't supported the ed25519 and overcompensated. Today it's not that big problem but anyway it would be better to use a more standard PKCS#7 detached signature .p7s file.

aperezdc
aperezdc approved these changes Mar 6, 2024
View reviewed changes
Copy link
Owner

@aperezdc aperezdc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @stokito

@aperezdc aperezdc merged commit 3edcd38 into aperezdc:master Mar 6, 2024
@stokito stokito deleted the patch-1 branch March 7, 2024 08:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aperezdc aperezdc aperezdc approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@stokito @aperezdc