Re: Key collisions in the wild
Thanks Samuel,
Looks like my key has been purposefully collided too, already two years ago:
thibaut$ LANG=C gpg --search-key thibaut@debian.org
gpg: searching for "thibaut@debian.org" from hkp server pgp.mit.edu
[snip]
(2) Thibaut Paumard <thibaut@debian.org>
4096 bit RSA key E0DC2840, created: 2014-06-16
(3) Thibaut Paumard <thibaut@debian.org>
Thibaut Paumard <paumard@users.sourceforge.net>
4096 bit RSA key E0DC2840, created: 2012-06-12
[snip]
I checked that the full fingerprints don't match.
Regards, Thibaut.
Le 10/08/2016 00:47, Samuel Thibault a écrit :
> Hello,
>
> As a late follow-up of the gpg key collision thread from debian-private
> (but posted on debian-devel, there is nothing private here, I prefer to
> see this information publicized actually):
>
> € gpg --search-key samuel.thibault@gnu.org
> ...
> (1) Samuel Thibault <samuel.thibault@gnu.org>
> 4096 bit RSA key 7D069EE6, created: 2014-06-16
> (2) Samuel Thibault <samuel.thibault@gnu.org>
> 4096 bit RSA key 7D069EE6, created: 2010-09-14
>
> So somebody *does* try to fake my gpg key too...
>
> For the reminder,
> https://gwolf.org/node/4070
>
> Samuel
>
Reply to: