From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dietmar@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 99DCF62187
 for <pbs-devel@lists.proxmox.com>; Mon, 23 Nov 2020 08:55:20 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 97DB82463E
 for <pbs-devel@lists.proxmox.com>; Mon, 23 Nov 2020 08:55:20 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [212.186.127.180])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits))
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 3689324631
 for <pbs-devel@lists.proxmox.com>; Mon, 23 Nov 2020 08:55:20 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id ED1814313D
 for <pbs-devel@lists.proxmox.com>; Mon, 23 Nov 2020 08:55:19 +0100 (CET)
Date: Mon, 23 Nov 2020 08:55:09 +0100 (CET)
From: Dietmar Maurer <dietmar@proxmox.com>
To: =?UTF-8?Q?Fabian_Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>,
 Proxmox Backup Server development discussion <pbs-devel@lists.proxmox.com>,
 Thomas Lamprecht <t.lamprecht@proxmox.com>
Message-ID: <224810846.78.1606118110748@webmail.proxmox.com>
In-Reply-To: <1605687788.575q13vngv.astroid@nora.none>
References: <20201117175725.3634238-1-f.gruenbichler@proxmox.com>
 <1774426658.212.1605677252807@webmail.proxmox.com>
 <645547754.213.1605678469368@webmail.proxmox.com>
 <6447caa6-7079-4515-af39-4322fdd8a69f@proxmox.com>
 <1605687788.575q13vngv.astroid@nora.none>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Priority: 3
Importance: Normal
X-Mailer: Open-Xchange Mailer v7.10.4-Rev13
X-Originating-Client: open-xchange-appsuite
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.116 Adjusted score from AWL reputation of From: address
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 RCVD_IN_DNSWL_MED        -2.3 Sender listed at https://www.dnswl.org/,
 medium trust
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: Re: [pbs-devel] [PATCH proxmox-backup 0/7] add,
 persist and check key fingerprint
X-BeenThere: pbs-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox Backup Server development discussion
 <pbs-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pbs-devel/>
List-Post: <mailto:pbs-devel@lists.proxmox.com>
List-Help: <mailto:pbs-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel>, 
 <mailto:pbs-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Mon, 23 Nov 2020 07:55:20 -0000

> should we switch it altogether, or just truncate it on display? IMHO for 
> Qemu I'd like to keep the full digest/fingerprint, since there a 
> skipped collision means corrupt backups, not running into the next 
> error and bailing out..

Just noticed that is a different use case, where we need to be exact. To be
100% sure, we would even need to compare the key raw data. But yes, we want 
to avoid keeping the old key in memory).

But we already have code there to do it correctly, so why do you thing
an 8byte fingerprint affects that at all?

see proxmox-backup-qemu commit 5a82749a29821bae756bb8c25dc459a3c08301d1