[GH-ISSUE #453] Add "Generate topic name" button #348

New issue

Closed

opened 2026-05-07 00:23:19 +02:00 by BreizhHardware · 1 comment

BreizhHardware commented

2026-05-07 00:23:19 +02:00

Owner

Originally created by @riking on GitHub (Oct 26, 2022).
Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/453

The web app and documentation should advocate for all topics that aren't "well known names" to have high entropy components. Common cryptographic wisdom is that a 2^-32 event is "not going to happen", so by the birthday bound the appropriate level of entropy is (32 + log2(num_topics_created)) * 2 bits.

64 bits / 6 bits per base64 character = 10.6 characters of base64 (minimum recommendation: 11)
96 bits / 6 bits per base64 character = 16 characters of base64 - sufficient for servers with 65k random topics
128 bits / 6 bits per base64 character = 21.3 characters of base64 (reasonable maximum recommendation: 21)

The web app "Subscribe to topic" dialog should include a button to append a hyphen and 16 base64 characters to what's already typed in the dialog box.
https://ntfy.sh/docs/publish/ should say "Pick something with about 96 bits of entropy (16 base64 characters)" instead of "that's not easily guessable" and an interactive component to generate one in the browser.

Originally created by @riking on GitHub (Oct 26, 2022). Original GitHub issue: https://github.com/binwiederhier/ntfy/issues/453 The web app and documentation should advocate for all topics that aren't "well known names" to have high entropy components. Common cryptographic wisdom is that a 2^-32 event is "not going to happen", so by the birthday bound the appropriate level of entropy is `(32 + log2(num_topics_created)) * 2` bits. 64 bits / 6 bits per base64 character = 10.6 characters of base64 (minimum recommendation: 11) 96 bits / 6 bits per base64 character = 16 characters of base64 - sufficient for servers with 65k random topics 128 bits / 6 bits per base64 character = 21.3 characters of base64 (reasonable maximum recommendation: 21) - The web app "Subscribe to topic" dialog should include a button to append a hyphen and 16 base64 characters to what's already typed in the dialog box. - https://ntfy.sh/docs/publish/ should say "Pick something with about 96 bits of entropy (16 base64 characters)" instead of "that's not easily guessable" and an interactive component to generate one in the browser.

BreizhHardware

2026-05-07 00:23:19 +02:00

closed this issue
added the
web-app

docs

android-app

enhancement
labels

BreizhHardware commented

2026-05-07 00:23:20 +02:00

Author

Owner

@binwiederhier commented on GitHub (Oct 31, 2022):

I don't dislike the idea of having a "Generate topic name" button, though if I write "Pick something with about 96 bits of entropy", people will not understand what that means.

The thought behind ntfy has always been "simplicity over everything". That includes allowing people to use unencrypted HTTP and weak topic names if they like. Yes, we warn in the UI, but not to the extent of not allowing people to make dumb choices. I like the "Generate topic name" button (though I don't know where to put it), but I don't think people are crypto-educated enough to understand what entropy is.

@binwiederhier commented on GitHub (Oct 31, 2022): I don't dislike the idea of having a "Generate topic name" button, though if I write "Pick something with about 96 bits of entropy", people will not understand what that means. The thought behind ntfy has always been "simplicity over everything". That includes allowing people to use unencrypted HTTP and weak topic names if they like. Yes, we warn in the UI, but not to the extent of not allowing people to make dumb choices. I like the "Generate topic name" button (though I don't know where to put it), but I don't think people are crypto-educated enough to understand what entropy is.

BreizhHardware referenced this issue

2026-05-07 01:01:21 +02:00

[PR #348] [MERGED] WIP: DIsplay name for the web app #1277