[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#932753: tag2upload should record git tag signer info in .dsc [and 1 more messages]

Sean Whitton writes ("Bug#932753: tag2upload should record git tag signer info in .dsc [and 1 more messages]"):
> AIUI a fingerprint fails to uniquely identify a PGP key unless you also
> include the cryptographic algorithm that was used and the key size.  So
> for example, my current key is uniquely identified by writing both 4096R
> and 8DC2487E51ABDD90B5C4753F0F56D0553B6D411B.
> Even though it's unlikely we'll get a clash of fingerprints within the
> Debian keyring, it seems the algorithm and keysize ought to be included
> alongside the fingerprint, if the above is right.

In this message[1]

[GNUPG:] VALIDSIG 559AE46C2D6B6D3265E7CBA1E3E3392348B50D39 2019-07-20 1563636558 0 4 0 1 8 01 559AE46C2D6B6D3265E7CBA1E3E3392348B50D39

I think I want to include `1' for pubkey-algo and `8' for hash-algo
then ?


[1] Part of the output of
  gpgv --status-fd=2 --keyring=/usr/share/keyrings/debian-keyring.gpg < ../bpd/dgit_9.4.dsc

Ian Jackson <ijackson@chiark.greenend.org.uk>   These opinions are my own.

If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.

Reply to: