On Mon, May 4, 2009 at 9:24 AM, Werner Koch <w...@gnupg.org> wrote: > On Fri, 1 May 2009 05:58, a...@smasher.org said: > >> so... when is the open-pgp spec moving beyond SHA1 hashes to identify >> public keys? what's next? will it have to be a bigger hash? > > OpenPGP does not claim that the fingerprint is a unique way to identify > a key.
How does GPG cope if two keys on the keyring have the same FP? AFAICS that would make things very difficult for most of the front-ends, especially if they had been relying on the uniqueness (in practice) of the FP to specify which key to operate on. N. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
