[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Number of developers, keyring map

On Tue, 1 Jun 1999, Marco d'Itri wrote:

> On May 31, Wichert Akkerman <wichert@cs.leidenuniv.nl> wrote:
>  >> Sounds like I should be using a triplet composed of the keyid,
>  >> fingerprint and keylength ?
>  >Duh, I forgot about keylength. But yes, you really need all three. Let

> You don't. For RSA the keyid is a subset of the fingerprint, for v4 keys
> (all others) you just don't have to care.
> Please read the PGP FAQ you can find at
> http://www.pgp.net/pgpnet/pgp-faq/.

For v4 keys the fingerprint is actually secure, it is only with the old
format that there is a problem. Given this I don't think it is worth
storing the information since gpg cannot search for a fingerprint +
length. (that and GPG itself indexes its database by fingerprint)


Reply to: