Gemini software is currently fragmented with regards to certificate fingerprints. It would be nice if there was an agreed upon way to calculate fingerprints so that users can easily compare fingerprints across different software. Here are some potential fingerprint methods. - Sha512 hash of the certificate, encoded in hex with ':' between each octet. Pros: matches the output of openssl x509 -sha512 -fingerprint Cons: the resulting fingerprint is very long - Sha512 hash of the certificate, encoded in base64. Pros: easy to encode and decode Cons: still somewhat long - Sha256 hash of the certificate, encoded in base64. Pros: shorter than the Sha512 hash Cons: less secure than Sha512? Note that this is the hash of the entire certificate, not just the public key. I think we should choose a fingerprint method and stick with it for consistency.
---