Re: Key collisions in the wild

To: debian-devel@lists.debian.org
Subject: Re: Key collisions in the wild
From: Thibaut Paumard <thibaut@debian.org>
Date: Wed, 10 Aug 2016 01:32:14 +0200
Message-id: <[🔎] 57AA67FE.9050001@debian.org>
In-reply-to: <[🔎] 57AA65EC.8080500@debian.org>
References: <[🔎] 20160809224743.GZ6224@var.home> <[🔎] 57AA65EC.8080500@debian.org>

Le 10/08/2016 01:23, Thibaut Paumard a écrit :
> Thanks Samuel,
> 
> Looks like my key has been purposefully collided too, already two years ago:
> 
> thibaut$ LANG=C gpg --search-key thibaut@debian.org
> gpg: searching for "thibaut@debian.org" from hkp server pgp.mit.edu
> [snip]
> (2)	Thibaut Paumard <thibaut@debian.org>
> 	  4096 bit RSA key E0DC2840, created: 2014-06-16
> (3)	Thibaut Paumard <thibaut@debian.org>
> 	Thibaut Paumard <paumard@users.sourceforge.net>
> 	  4096 bit RSA key E0DC2840, created: 2012-06-12
> [snip]
> 
> 
> I checked that the full fingerprints don't match.
> 
> Regards, Thibaut.

Like Samuel's, "my" colliding key is signed with keys colliding the keys
that originally signed my real key.

Regards, Thibaut.

Reply to:

References:
- Re: Key collisions in the wild
  - From: Samuel Thibault <sthibault@debian.org>
- Re: Key collisions in the wild
  - From: Thibaut Paumard <thibaut@debian.org>

Prev by Date: Bug#833890: ITP: ampr-ripd -- Routing daemon for AMPRnet gateway announcements
Next by Date: Re: Key collisions in the wild
Previous by thread: Re: Key collisions in the wild
Next by thread: Re: Key collisions in the wild
Index(es):
- Date
- Thread