Gah, I am evidently having a bad day with e-mail, so I am going to send a typo correction with this and then go do something else instead.
Corrections in caps, below.
— Alec Muffett Security Infrastructure Facebook Engineering London
On Aug 8, 2015, at 2:14 PM, Alec Muffett alecm@fb.com wrote:
Please let a thousand discovery mechanisms bloom - including peer-to-peer directories and tweeted URLs.
But, what they boil down to, please let *that* be human-readable, too. The more I THINK about it, the more I like:
a1uik-0w1gm-fq3i5-ievxd-m9ceu-27e88-g6o7p-e0rff-dw9jm-ntwkd-sdxxx.onion
…where the final “xxx” is a 15-bit truncated secure hash of the rest of the original raw address bitstring.
That way people looking to quickly compare addresses can check the first QUINTET, and the last, and sample a few of the inner ones (“…people compare glyphs not words…” / “there’s IEVXD and there’s E0RFF, I like that one, it’s like Eeyore in Winnie-The-Pooh, and 0WLGM reminds me of Owls") and be reasonably satisfied and reasonably secure.
And the XXX can be checked by the browser and tell the user that they’ve goofed-up cut/paste/typing-it-in. And then they bookmark it once it loads.