No need for a private key registry because verifying the public key is
sufficient. There are public key registries but I doubt they validate
duplication.
Remember this is PGP (Pretty Good Privacy - not perfect), so there are multiple
factors that were considered. In this case, duplicate key pairs are a very
minor exposure because it's unlikely those few matching private key holders
will abuse your key.
Jon.
On Saturday, August 24, 2019, 10:30:19 AM PDT, Paul Gilmartin
<[email protected]> wrote:
On Sat, 24 Aug 2019 11:16:57 -0500, Mike Schwab wrote:
>>Well, keys are supposed to be two large prime numbers. Without a
>>registry of which numbers have been used, it would be possible for two
>>people to use the same prime number.
>Such a registry would defeat the purpose, although a registry of public
>keys is plausible. Cryptosystems depend on the extreme unlikeliness of a
>collision.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
