Le 10/08/2016 01:23, Thibaut Paumard a écrit : > Thanks Samuel, > > Looks like my key has been purposefully collided too, already two years ago: > > thibaut$ LANG=C gpg --search-key thib...@debian.org > gpg: searching for "thib...@debian.org" from hkp server pgp.mit.edu > [snip] > (2) Thibaut Paumard <thib...@debian.org> > 4096 bit RSA key E0DC2840, created: 2014-06-16 > (3) Thibaut Paumard <thib...@debian.org> > Thibaut Paumard <paum...@users.sourceforge.net> > 4096 bit RSA key E0DC2840, created: 2012-06-12 > [snip] > > > I checked that the full fingerprints don't match. > > Regards, Thibaut.
Like Samuel's, "my" colliding key is signed with keys colliding the keys that originally signed my real key. Regards, Thibaut.
