Pavol Rusnak [ARCHIVE] on Nostr: 📅 Original date posted:2015-03-07 📝 Original message:On 07/03/15 16:53, Mem ...
📅 Original date posted:2015-03-07
📝 Original message:On 07/03/15 16:53, Mem Wallet wrote:
> this allows a user to manage a GPG identity for encryption
> and signing with zero bytes of permanent storage. (on tails for example)
Hi!
As an author of BIP44 I don't think that you should use BIP44 for this
and a new BIP number should be allocated. To me it does not make much
sense to create GPG key hierarchy per Bitcoin account, but rather create
a GPG key hierarchy per device/master seed.
I am currently in process of implementing a SignIdentity message for
TREZOR, which will be used for HTTPS/SSH/etc. logins.
See PoC here:
https://github.com/trezor/trezor-emu/commit/9f612c286cc7b8268ebaec4a36757e1c19548717The idea is to derive the BIP32 path from HTTPS/SSH URI (by hashing it
and use m/46'/a'/b'/c'/d' where a,b,c,d are first 4*32 bits of the hash)
and use that to derive the private key. This scheme might work for GPG
keys (just use gpg://user@host.com for the URI) as well.
--
Best Regards / S pozdravom,
Pavol Rusnak <stick at gk2.sk>
Published at
2023-06-07 15:31:45Event JSON
{
"id": "9fd95ddb40a0ccbb9d7e2e174fdfd6c8fd3713d9caac2a51bfa02fed3ff81eb1",
"pubkey": "7631397e469f47f3535567311f5f7c17129e0ff2cb253df015e3d92ddfd92c63",
"created_at": 1686151905,
"kind": 1,
"tags": [
[
"e",
"c4619e58555f1b503503bba31fbf0964a7801c007425ec6741226f14cc8c6878",
"",
"root"
],
[
"e",
"4cbefb39438e3530cdce5c404e3f0d40628a8ba0edb85183e9b88c611529db57",
"",
"reply"
],
[
"p",
"9295bf5ca4aa83b2e5debf882468bba3b9b4913c40ddbb4678eadadc7d5b74a6"
]
],
"content": "📅 Original date posted:2015-03-07\n📝 Original message:On 07/03/15 16:53, Mem Wallet wrote:\n\u003e this allows a user to manage a GPG identity for encryption\n\u003e and signing with zero bytes of permanent storage. (on tails for example)\n\nHi!\n\nAs an author of BIP44 I don't think that you should use BIP44 for this\nand a new BIP number should be allocated. To me it does not make much\nsense to create GPG key hierarchy per Bitcoin account, but rather create\na GPG key hierarchy per device/master seed.\n\nI am currently in process of implementing a SignIdentity message for\nTREZOR, which will be used for HTTPS/SSH/etc. logins.\n\nSee PoC here:\nhttps://github.com/trezor/trezor-emu/commit/9f612c286cc7b8268ebaec4a36757e1c19548717\n\nThe idea is to derive the BIP32 path from HTTPS/SSH URI (by hashing it\nand use m/46'/a'/b'/c'/d' where a,b,c,d are first 4*32 bits of the hash)\nand use that to derive the private key. This scheme might work for GPG\nkeys (just use gpg://user@host.com for the URI) as well.\n\n-- \nBest Regards / S pozdravom,\n\nPavol Rusnak \u003cstick at gk2.sk\u003e",
"sig": "1773412dc7ba4dce61d4ac6e008e24e857ea11bbd415072426481d8a63d833cad065c235a6e25a45bf1f477ce652550289a626c62fa193d54e30970d05ae7247"
}