* Simon Richter <sjr@debian.org>, 2016-07-08, 14:33:
given that it is now possible to generate arbitrary short key ID collisions[1], and that it's now computationally feasible to at least generate a pair of keys with colliding long key IDs, I'd like to rethink practices and tools.With the web of trust, in principle there shouldn't be a problem.I have a valid trust path to Piotr's correct key. I don' have any to the fake key, because no one I trust has signed a key from the evil32 set
...yet.Given that many crypto tools have --feel-free-to-shoot-me-in-the-foot as the default, and some even don't have --do-not-shoot-me-in-the-foot as an option (see #800134), it's only a matter of time before someone slips up.
Or maybe it's already happened? Check out debian-hiding-problems@, er, I mean debian-private@ archives.
-- Jakub Wilk