Re: Number of developers, keyring map

To: Wichert Akkerman <wichert@cs.leidenuniv.nl>
Cc: Debian Developers <debian-devel@lists.debian.org>
Subject: Re: Number of developers, keyring map
From: Jason Gunthorpe <jgg@ualberta.ca>
Date: Sun, 30 May 1999 14:03:15 -0600 (MDT)
Message-id: <[🔎] Pine.LNX.3.96.990530140028.24635o-100000@Wakko.deltatee.com>
In-reply-to: <[🔎] 19990530162548.A31852@mors.net>

On Sun, 30 May 1999, Wichert Akkerman wrote:

> Previously Jason Gunthorpe wrote:
> > It is the single most important field to check. It serves the same purpose
> > as the keyID except that it is much more reliable and cannot be faked at
> > all.
> 
> If I remember things correctly both the key-ID and the fingerprint
> can be faked, although the the fingerprint is harder. You really
> want the combination of both.

I was told that the keyID was simply a random number assigned to the key
at key-generation, with a hacked generator you could assing any number you
like. However, to duplicate a fingerprint you would have to break MD5,
which if possible means we are in deep trouble anyhow :>

Jason

Reply to:

Follow-Ups:
- Re: Number of developers, keyring map
  - From: Craig Brozefsky <craig@red-bean.com>

References:
- Re: Number of developers, keyring map
  - From: Wichert Akkerman <wichert@cs.leidenuniv.nl>

Prev by Date: Re: Mail delivery failed: returning message to sender
Next by Date: Re: Number of developers, keyring map
Previous by thread: Re: Number of developers, keyring map
Next by thread: Re: Number of developers, keyring map
Index(es):
- Date
- Thread