[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Moving to stronger keys than 1024D

On Sun, 06 Oct 2013, Thorsten Glaser wrote:
> Ah actually this is because 70096AD1 is not unique, and
> Zack has signed both of them. (I assume Asheesh generated
> the newer key to have the same ID as the older – not nice…

Actually, yes, it is quite nice.  Otherwise, all sort of bugs related to
this would still be around just waiting to screw people over.

If you need to uniquely identify keys with no chance of colisions, you must
use the key fingerprint.  It can *still* colide, but if it does, it is a
situation where all bets are off anyway, even gnupg itself is likely to not
do something sane in that case.

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: