Re: Key collisions in the wild
Le 10/08/2016 01:23, Thibaut Paumard a écrit :
> Thanks Samuel,
> Looks like my key has been purposefully collided too, already two years ago:
> thibaut$ LANG=C gpg --search-key firstname.lastname@example.org
> gpg: searching for "email@example.com" from hkp server pgp.mit.edu
> (2) Thibaut Paumard <firstname.lastname@example.org>
> 4096 bit RSA key E0DC2840, created: 2014-06-16
> (3) Thibaut Paumard <email@example.com>
> Thibaut Paumard <firstname.lastname@example.org>
> 4096 bit RSA key E0DC2840, created: 2012-06-12
> I checked that the full fingerprints don't match.
> Regards, Thibaut.
Like Samuel's, "my" colliding key is signed with keys colliding the keys
that originally signed my real key.