On 1/21/22, grarpamp <grarpamp@gmail.com> wrote:
I'm quite surprised that age's interface doesn't provide for signing of messages.
For between participants, the payload is self authenticating by nature of the crypto... you received it, from somewhere, that may also have included some more identity inside, it decrypted, done.
Receiving an encrypted message doesn't indicate the sender is the same person who encrypted previous messages at all, or that the message was even made in one unit by one person, does it?
For standalone clearsign maybe user could encrypt a hash of the signable content, to a separate publicly published age secret keypair that they gave provenance, that anyone could then decrypt, but that is convoluted, and is in conflict with standard of teaching people to never publish any secret key.
I think this might be an error because others could also encrypt a hash to this key, since it's public.
Much better to use pgp, signify, minisign or whatever else for public sigs.
Curious what norms exist for using signify/minisign. Seems formats are kind of left up to the user.
As for age, people can play with this key which will expire and be destroyed on or before 2022-04-30...
age19nr5khmhtwe0jp0f2yvh2cevsqaev5tjkq0zw5t5ruy2uvrgfsysl7r6ch
$ echo -n age19nr5khmhtwe0jp0f2yvh2cevsqaev5tjkq0zw5t5ruy2uvrgfsysl7r6ch | sha256sum
6d3b98cf0f1c9319f1f31a0682e4529e9f63e6e6a5de79995176875ab7185ada -
$ age --armor -r age19nr5khmhtwe0jp0f2yvh2cevsqaev5tjkq0zw5t5ruy2uvrgfsysl7r6ch
[a single line of [data] that produces this:
$ echo -n [data] | sha256sum
85fc5fdedcdf8df8925855bbd0e72eb0b942c1ed290088c72a6d4fdc98ea722f -
]
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4ZXZPMk0ya3oxRnVDamRV
U1VnUmN5ZFY3bVpPWEEwZWxic2pBQjA4ckFNCklqYXU0SmYyRDNPcnE2NFE0U1Jz
SUpJWXRaRnBkNDQvZGo4ZlRDMkpnL3cKLS0tIFpjM0VRTXlqNmF4Ti91Qk1CazRp
OGJFbFVHWklLZ0hjY0NsN01xSnI3eW8KgvSUQT+Qw0lbwUyczRq35nrGQDVfiDLJ
BYheOy+zh2i/ZvCDyrnxrrkS+tNJuS8b47hwMmSsgo5JQumdejapcTpnNyYtjpIC
G5GftkhrPtYow/XzVc6zMFPenxG9Lm8=
-----END AGE ENCRYPTED FILE-----
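
The objection raised in the thread (anyone can encrypt a hash to a key whose recipient string is public) shown as an added Go example; it is not code from this thread or from age. The `seal`/`open` helpers are a simplified X25519 + AES-GCM stand-in for recipient encryption, not age's file format, and all names and sample strings are constructed for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// aead derives a one-time AES-256-GCM key from an X25519 shared secret.
func aead(shared []byte) cipher.AEAD {
	key := sha256.Sum256(shared)
	block, _ := aes.NewCipher(key[:]) // a 32-byte key is always accepted
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// seal encrypts msg to a recipient using a fresh ephemeral key; no sender secret is involved.
func seal(rcpt *ecdh.PublicKey, msg []byte) (*ecdh.PublicKey, []byte) {
	eph, _ := ecdh.X25519().GenerateKey(rand.Reader)
	shared, _ := eph.ECDH(rcpt)
	return eph.PublicKey(), aead(shared).Seal(nil, make([]byte, 12), msg, nil) // key is single-use, so a zero nonce is safe
}

// open decrypts with the recipient identity; success says nothing about who sealed it.
func open(id *ecdh.PrivateKey, eph *ecdh.PublicKey, ct []byte) ([]byte, error) {
	shared, err := id.ECDH(eph)
	if err != nil {
		return nil, err
	}
	return aead(shared).Open(nil, make([]byte, 12), ct, nil)
}

// demo contrasts the "published keypair" scheme with an Ed25519 signature.
func demo() (forgedOpens, sigOK, forgedSigOK bool) {
	published, _ := ecdh.X25519().GenerateKey(rand.Reader) // both halves made public
	forged := sha256.Sum256([]byte("tampered contents (constructed)"))
	eph, ct := seal(published.PublicKey(), forged[:]) // done by a third party
	got, err := open(published, eph, ct)
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // priv never leaves the signer
	genuine := sha256.Sum256([]byte("genuine contents (constructed)"))
	sig := ed25519.Sign(priv, genuine[:])
	return err == nil && string(got) == string(forged[:]),
		ed25519.Verify(pub, genuine[:], sig), ed25519.Verify(pub, forged[:], sig)
}

func main() { fmt.Println(demo()) }
```

The third party's ciphertext decrypts cleanly under the published key, while the Ed25519 signature verifies only for the content the private-key holder actually signed.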