On 21/06/17 20:49, Peter Lebbing wrote: > which would still > be marginally safe until computers are much faster, and certainly not a > short ID which is utterly unsafe and has always been.
Which *might* still be marginally safe. I haven't done any actual calculations, and I want to seriously dissuade anyone from verifying keys by their long key ID. Don't do it, kids! 64 bits can be brute forced, but perhaps it might still be quite some effort to get a working key with a colliding long ID. I really should not have written it the way I did in the previous mail, it was very sloppy. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
