Non-hex key IDs (was: Closing the openpgp working group)

[David Shaw <dshaw@xxxxxxxxxxxxxxx>]

On Thu, Mar 13, 2008 at 10:02:56PM +0100, Daniel A. Nagy wrote:
> And while we are at it, I would suggest to express V5 fingerprints (as well
> as key IDs) either in octal or in decimal. This is not a cryptography issue
> (*), but a usability issue on (typically mobile) devices with numeric-only
> keypads. As an added benefit, it would make the keyID ~ telephone number
> metaphor more sustainable.
> 
> For such a decision, OpenPGP could earn the ethernal gratitude of the entire
> telecom industry.

The current hex method is nicely dense: 8 characters gives you 32
bits, which is enough (today, anyway) to find and disambiguate keys in
virtually all cases (once the key is found, of course, we have the
64-bit key ID).  If you are restricted to the numbers 0-9, those 8
characters only give you a bit more than 26 bits, so there would be a
greater chance of collision.  You'd need to go to a 10-digit decimal
key ID to cover the same space as the 8 character hex ID.  10
characters isn't too bad.

It would be interesting to write a test against the keyservers to see
how much of an issue this really is.  It would also be interesting to
see if someone (the phone companies?)  has done a study on how many
digits people can easily remember.

As it happens, my key id is all decimals anyway...

David