Re: Number of developers, keyring map

To: Debian Developers <debian-devel@lists.debian.org>
Subject: Re: Number of developers, keyring map
From: Joel Klecker <jk@espy.org>
Date: Sun, 30 May 1999 20:50:11 -0700
Message-id: <v0420510bb377b6e08e3c@[206.163.71.146]>
In-reply-to: <[🔎] 19990530162548.A31852@mors.net>
References: <[🔎] 199905300701.IAA21287@linda.lfix.co.uk> <[🔎] Pine.LNX.3.96.990530011515.24635g-100000@Wakko.deltatee.com> <[🔎] 19990530162548.A31852@mors.net>

At 16:25 +0200 1999-05-30, Wichert Akkerman wrote:

Previously Jason Gunthorpe wrote:

It is the single most important field to check. It serves the same purpose
as the keyID except that it is much more reliable and cannot be faked at
all.


If I remember things correctly both the key-ID and the fingerprint
can be faked, although the the fingerprint is harder. You really
want the combination of both.

For RSA keys, you want the keyid, fingerprint and keylength. I'veseen keys that had identical fingerprints and keyids, but differentkeylengths.

--
Joel Klecker (aka Espy)                    Debian GNU/Linux Developer
<URL:mailto:jk@espy.org>                 <URL:mailto:espy@debian.org>
<URL:http://web.espy.org/>               <URL:http://www.debian.org/>

Reply to:

Follow-Ups:
- Re: Number of developers, keyring map
  - From: Craig Brozefsky <craig@red-bean.com>

References:
- Re: Number of developers, keyring map
  - From: "Oliver Elphick" <olly@lfix.co.uk>
- Re: Number of developers, keyring map
  - From: Jason Gunthorpe <jgg@ualberta.ca>
- Re: Number of developers, keyring map
  - From: Wichert Akkerman <wichert@cs.leidenuniv.nl>

Prev by Date: Re: New db.debian.org address
Next by Date: /etc/dpkg/shlibs.default (was: Re: ITP: stalin - it's now GPLed.)
Previous by thread: Re: Number of developers, keyring map
Next by thread: Re: Number of developers, keyring map
Index(es):
- Date
- Thread