From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: "Garreau\, Alexandre" <galex-713@galex-713.eu>
Newsgroups: gmane.emacs.devel
Subject: Re: Network security manager
Date: Sun, 23 Nov 2014 21:23:45 +0100
Message-ID: <878uj1vf72.fsf@galex-713.eu>
References: <m3zjbqouyk.fsf@stories.gnus.org> <m3oas5am0b.fsf@stories.gnus.org>
	<CAG-q9=Z7_T1-AYz=pYjvJeg1BM1i9VjYAu76V_pD5F7MpR8a2A@mail.gmail.com>
	<m3bno5igmh.fsf@stories.gnus.org>
	<87sihg7r73.fsf@alrua-karlstad.karlstad.toke.dk>
	<87a93oilxl.fsf@lifelogs.com>
	<87fvdg6xnn.fsf@alrua-karlstad.karlstad.toke.dk>
	<m3389gusli.fsf@stories.gnus.org>
	<878uj86wr4.fsf@alrua-karlstad.karlstad.toke.dk>
	<m3tx1wtbsz.fsf@stories.gnus.org>
	<87r3x05fze.fsf@alrua-karlstad.karlstad.toke.dk>
	<m361ectawm.fsf@stories.gnus.org>
	<87d28k5f17.fsf@alrua-karlstad.karlstad.toke.dk>
	<m3mw7oruge.fsf@stories.gnus.org>
	<87wq6r4tii.fsf@alrua-karlstad.karlstad.toke.dk>
	<m3k32rmuxn.fsf@stories.gnus.org> <87ioibmm46.fsf@galex-713.eu>
	<m361ebjsf7.fsf@stories.gnus.org> <87d28jml4q.fsf@galex-713.eu>
	<m3vbm58zie.fsf@stories.gnus.org> <m3r3wt8z95.fsf@stories.gnus.org>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
	micalg=pgp-sha512; protocol="application/pgp-signature"
X-Trace: ger.gmane.org 1416774257 30201 80.91.229.3 (23 Nov 2014 20:24:17 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Sun, 23 Nov 2014 20:24:17 +0000 (UTC)
Cc: Toke =?utf-8?Q?H=C3=B8iland-J=C3=B8rgensen?= <toke@toke.dk>,
	emacs-devel@gnu.org
To: Lars Magne Ingebrigtsen <larsi@gnus.org>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Sun Nov 23 21:24:12 2014
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xsdha-0003H2-G6
	for ged-emacs-devel@m.gmane.org; Sun, 23 Nov 2014 21:24:10 +0100
Original-Received: from localhost ([::1]:49934 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>)
	id 1Xsdha-0002Km-1O
	for ged-emacs-devel@m.gmane.org; Sun, 23 Nov 2014 15:24:10 -0500
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:46613)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <galex-713@galex-713.eu>) id 1XsdhR-0002KU-RQ
	for emacs-devel@gnu.org; Sun, 23 Nov 2014 15:24:07 -0500
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <galex-713@galex-713.eu>) id 1XsdhM-0006NB-HQ
	for emacs-devel@gnu.org; Sun, 23 Nov 2014 15:24:01 -0500
Original-Received: from bar75-1-78-192-124-148.fbxo.proxad.net ([78.192.124.148]:35864
	helo=galex-713.eu) by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <galex-713@galex-713.eu>) id 1XsdhM-0006My-4F
	for emacs-devel@gnu.org; Sun, 23 Nov 2014 15:23:56 -0500
Original-Received: from X60T713 (71.45.142.88.rev.sfr.net [88.142.45.71])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(Client did not present a certificate)
	(Authenticated sender: galex-713)
	by galex-713.eu (Postfix) with ESMTPSA id 4F23915F5CF;
	Sun, 23 Nov 2014 21:23:54 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=galex-713.eu; s=dkim;
	t=1416774234; bh=CnqDNOolBGOOEvwZ8s/QbgnkZfAA/jMMiliJjsFbGQw=;
	h=From:To:Cc:Subject:References:Date:In-Reply-To:From;
	b=X6HXrLjUGRgwCJ8MtJrqYjw1RLDO/N/21iiEDxFzHKJzldlqzllceKSRSsi04GTNk
	GKeCkyz9uFIeejk1bzl5urgjZbv9Tf1qSRwUYu1vyXy8s0AnTl6ZGMkaXnOEaXKPdS
	SCdZKd2qskh7Iymn8rfXgJe/MNCqWQJBH+apLpnI=
User-Agent: Gnus (5.13), GNU Emacs 24.4.1 (i586-pc-linux-gnu)
Face: iVBORw0KGgoAAAANSUhEUgAAADAAAAAwCAMAAABg3Am1AAAABGdBTUEAALGPC/xhBQAAADBQ
	TFRFAAAAAAAAAAAAAAAAAAAAAQEBAQEBAgICBAQEFRUV////////////////////////2mBkLQAA
	ABB0Uk5TAAAAAAAAAAABCU2g0Pr+/CTJwSkAAAABYktHRACIBR1IAAABkUlEQVRIx82W0XLEIAhF
	nbx5QfP/f1sVUVSStvvSOrObrOEI1yBsuH45wl8AAHEdRMD3QDHOZjDhFQClvI20IRaIYl5Wvdu1
	e0uIPgDWBVGuhYW6ZHhAsxf/5Y6ofCTKlQjWPsl8cZBRvlhCQbJEMPY6S9U2coupE7R7iMa+rkgN
	o/FmDg0Y8fSI1qljl5CGf3Gm0p8A414dtBuOPlAcTO+koVi3G7A4SOMHeTGFHi2OiB5khx7sZSXH
	eU8PwCKZjJxDdpB5K9kNbwGMhJY386kTkwB39NcsP294QDKS7caYPfYB5NeRDg30DvAO1AgSL8PM
	TGBsK+UjZHPwJqAvrkre970WEDgAq2TeU2FkIE1ARZDzYkcG6is16d0kH0DspwJml/oBQnbPpGRg
	08fLEfUkz2xBXoCWAp5kzcBicFtAcwIeUGVzW9AAkaROu4DUdCxAL8V+l5JyvAG2GO8e5MkO2HJ/
	NCXGdQLSCbYOZRrKCVwR2rJquUbtpmm2rNhmH5tiSj9oih+03Q8a+z/4c/IFGNsy9Qwqrr0AAAAA
	SUVORK5CYII=
X-Home-Page: https://www.galex-713.eu
X-GPG-FINGERPRINT: E109 9988 4197 D7CB B0BC 5C23 8DEB 24BA 867D 3F7F
X-GPG: 0x8DEB24BA867D3F7F
X-Accept-Language: fr, it, en, eo
In-Reply-To: <m3r3wt8z95.fsf@stories.gnus.org> (Lars Magne Ingebrigtsen's
	message of "Sun, 23 Nov 2014 20:59:02 +0100")
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x [generic]
X-Received-From: 78.192.124.148
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:178124
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/178124>

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Le 23/11/2014 =C3=A0 20h53, Lars Magne Ingebrigtsen a =C3=A9crit=C2=A0:
> "Garreau, Alexandre" <galex-713@galex-713.eu> writes:
>> Unfortunately no, but there are several implementations, mainly in
>> javascript, PHP, and, err, Java, as far as I know. But it=E2=80=99s quit=
e simple
>> and should be easily possible in any language where you can draw simple
>> figures.
>>
>> The three I know:
>> https://github.com/sebsauvage/VizHash/
>> https://github.com/sametmax/VizHash.js
>> https://github.com/inouire/VizHash4j
>>
>> I=E2=80=99d be really glad if someone found a way to do it with elisp=E2=
=80=A6 maybe
>> using an external program?
>
> It seems really easy to implement in Emacs Lisp + svg, so that's no
> problem.  I've started implementing an SVG creation library.
>
> However, I'm now looking at the algorithm this uses, and I notice:
>
>  var hash =3D hex_sha1(text) + hex_md5(text);
>
> I think the common reaction to seeing md5 being used for anything these
> days is "err".  Although it's probably OK here, I wonder what's the
> chance of this algorithm getting much uptake?  Has anybody started using
> this?

Yeah, I=E2=80=99ve been surprised by that too. I were thinking that if I ha=
d to
make an implementation some day I=E2=80=99d use SHA512 instead.

> Is there an RFC?

No, the developers had the idea and gave some examples of usages
(background change within firefox according domain name=E2=80=99s vizhash to
prevent unicode-phishing for instance, or password verification, or
things like that) without taking care of spreading the idea (which I
think could have a real success).

Le 23/11/2014 =C3=A0 20h59, Lars Magne Ingebrigtsen a =C3=A9crit=C2=A0:
> Lars Magne Ingebrigtsen <larsi@gnus.org> writes:
>
>> Although it's probably OK here, I wonder what's the
>> chance of this algorithm getting much uptake?  Has anybody started using
>> this?  Is there an RFC?
>
> And the gnutls library exports a sha1 hash of the pubkey, so I'm not
> quite sure how to get the md5 of it as well...

Oh, I thought gnutls could give an md5 of pubkey since certtool --info
give the md5sum just before the sha1=E2=80=A6 Anyway if it=E2=80=99s to gnu=
tls to
calculate it it means it=E2=80=99ll be less secure and more likely to find
collisions=E2=80=A6 :/

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJUckJSXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRFMTA5OTk4ODQxOTdEN0NCQjBCQzVDMjM4
REVCMjRCQTg2N0QzRjdGAAoJEI3rJLqGfT9/Vj4P/0r7PAhaShKC4nzG/7mKSwrP
5WlOUoX72Vt1jPhAy7PCsTmjOA31EqtqX6foUBkcj+ygEw8BazwuUT4ukFmpCGEb
D4tsUT0qDbiZi20lJQIQWyHo2QUROKlJjLJfBQAx0p2MjLZb89szn2XhQjZ9glO5
8LaSRJn9JF/1uS9LYI+uEt2YsDu6Cz64VjALU/HGk2vs4Jeo5IpzyVEvdMiSEQQ7
QSmIqYB9VDaasPayTr1URDDxl2Xpi49EFmN2XeMp/LqltGWTj+Ebe1JX8IuEzlqn
o15ZmfbYZRomAEFIXVEHRc3KZOjD3fDMSyrH8QELgVkTwbKfPbJ51g7S7JcVjlO/
JPiEChqt8qkpiaqof4MSE5Dm1BjqNmKU49gBKi6XOEWRIzw2f0MvSxX7t1XSOqg0
ESEosUeNm92bGSS1BGIXZ9Ilh42SRBK8mmnM1Rt7RTuDbDo7hAVS7YnPebEkIiDB
VB9yOvLYhgswzGSDJ0tzAUODyWXxa/JSZLpdC/rCCxA8BLT5jA1ee7c1vsYg6dMX
AOkj6LCzfp/Tv/ZCRg10NI3rGmXwRMyf9OUF9VdR4DZiVtsP46n5TkX24gxUU5tb
uXQG7xupVf+uYIjKB71TKK1ywMY42OEnU4uAYo/DkGOLrACNAX4vhATUx7irE+TU
3WWYN1/9M+GTvliEYWD7
=GaRi
-----END PGP SIGNATURE-----
--=-=-=--