It seems like I’ve seen several of these over the years when a patch to parse comments would probably be simpler and less of an anti-pattern. What am I missing here?
Edit: or a config dir that allows multiple key files.
My reasoning is that the full public key could be seen as a 256 bit fixed prefix, but knowing the public key is meant to give no information about the private key by design.
If it were, then public keys could be shorter by the same amount and still provide the same level of protection.
But by design they are not.
Let's say that I magically manage to find a private key whose public key has a chosen prefix that is the entire length of the key - i.e. the entire key is vanity. Something like myveryveryveryverylongvanitypublickey. Is that equivalent to a 0 length public key in terms of security? I'd say obviously not - there is still no way to get started when it comes to finding the private key.
Perhaps they already have reversed it because they guessed it might be desirable. Or maybe it has numeric properties which make it specifically easy to reverse (perhaps why you were able to discover it yourself).
(Also note that selecting the entire key to be vanity doesn't reduce the entropy to 0, just to the entropy of the vanity phrase. So a full vanity key may be equivalent to something like a 32-bit random public key.)
Take note, Discord.
I highly recommend Legcord[1] - it's a alternative, open-source client that has very good ARM builds
burnt-resistor•8mo ago
rgovostes•8mo ago
wiktor-k•8mo ago
yjftsjthsd-h•8mo ago
GPG keys aren't 2038-safe?
dijit•8mo ago
RFC 1991 only gives them 4 bytes (32bit); not sure if there have been any later additions to rectify this but I don’t think so since even the latest RFC (9580) has them listed as 4 bytes…
https://datatracker.ietf.org/doc/html/rfc1991
https://www.rfc-editor.org/rfc/rfc9580#section-3.5
dpwm•8mo ago
> A time field is an unsigned 4-octet number containing the number of seconds elapsed since midnight, 1 January 1970 UTC.