On 2019-08-07 12:32:55 +0200 (+0200), Bastian Blank wrote: > On Mon, Aug 05, 2019 at 01:33:26PM +0000, Jeremy Stanley wrote: > > You mentioned Kubernetes (which I haven't really used so have yet to > > notice), but who else's "current" software encodes checksums in > > base64 besides the Kubernetes ecosystem? > > ssh for example: > > | 256 SHA256:EpFMDce1dEpK1b3/Xy7JFds056cob+qcI4tsBC/Od6A comment (ED25519) Thanks, great example! While it could be thought of as a checksum, that still seems like a bit of a stretch to me. The ssh_known_hosts specification has long used base64 for host key encoding, so its newer option to hash entries in order to hide their host/address correlation also using base64 isn't much of a surprise. The sshd(8) manpage's "ssh_known_hosts file format" section refers to these as "hashed hostnames." Nevertheless, it is definitely an example of a cryptographic hash in base64 rather than base16 encoding at the very least. -- Jeremy Stanley
Attachment:
signature.asc
Description: PGP signature