On Tue, 5 May 2009 00:33, nicholas.c...@gmail.com said:
> front-ends to specify a key by that number? This might even be as
> simple as a number generated by pre-pending the number of the key in
> the standard --list-keys output to the fingerprint.
We had something like this many years ago but
On Mon, May 4, 2009 at 10:01 PM, John W. Moore III
wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Nicholas Cole wrote:
>
>> How does GPG cope if two keys on the keyring have the same FP? AFAICS
>> that would make things very difficult for most of the front-ends,
>> especially if t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Nicholas Cole wrote:
> How does GPG cope if two keys on the keyring have the same FP? AFAICS
> that would make things very difficult for most of the front-ends,
> especially if they had been relying on the uniqueness (in practice) of
> the FP to sp
On Mon, 2009-05-04 at 13:39 +0200, Werner Koch wrote:
> The forthcoming new keyring
> format will cope with that by not allowing a second key with the same
> fingerprint.
Ah,.. I've always thought this would be already the case ^^
When will we see this new format?
Chris.
smime.p7s
Description
On Mon, 2009-05-04 at 13:39 +0200, Werner Koch wrote:
> The only real crypto use in the protocol is with the revocation key
> (designated revoker) which uses a 20 byte fingerprint to specify the
> key. However I cannot see where there is a threat.
Ok,.. but most people do not exchange they key-dat
On May 4, 2009, at 6:16 AM, Nicholas Cole wrote:
On Mon, May 4, 2009 at 9:24 AM, Werner Koch wrote:
On Fri, 1 May 2009 05:58, a...@smasher.org said:
so... when is the open-pgp spec moving beyond SHA1 hashes to
identify
public keys? what's next? will it have to be a bigger hash?
OpenPGP
On Mon, 4 May 2009 12:16, nicholas.c...@gmail.com said:
> How does GPG cope if two keys on the keyring have the same FP? AFAICS
> that would make things very difficult for most of the front-ends,
I don't know, because I am not able to create such keys ;-).
It is not different from looking up t
On Mon, May 4, 2009 at 9:24 AM, Werner Koch wrote:
> On Fri, 1 May 2009 05:58, a...@smasher.org said:
>
>> so... when is the open-pgp spec moving beyond SHA1 hashes to identify
>> public keys? what's next? will it have to be a bigger hash?
>
> OpenPGP does not claim that the fingerprint is a uniq
On Fri, 1 May 2009 05:58, a...@smasher.org said:
> so... when is the open-pgp spec moving beyond SHA1 hashes to identify
> public keys? what's next? will it have to be a bigger hash?
OpenPGP does not claim that the fingerprint is a unique way to identify
a key.
Also note that the results are a
2009/5/1 Atom Smasher :
> On Thu, 30 Apr 2009, David Shaw wrote:
>
>> http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
>>
>> There is not much hard information yet, but the two big quotes are "SHA-1
>> collisions now 2^52" and "Practical collisions are within resources of a
>>
On Thu, 30 Apr 2009, David Shaw wrote:
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
There is not much hard information yet, but the two big quotes are
"SHA-1 collisions now 2^52" and "Practical collisions are within
resources of a well funded organisation."
http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf
There is not much hard information yet, but the two big quotes are
"SHA-1 collisions now 2^52" and "Practical collisions are within
resources of a well funded organisation."
David
__
12 matches
Mail list logo
