(If this feels like droning on to you, just stop reading and go do
something fun!)
On 2016-02-25 14:25, Kristian Fiskerstrand wrote:
Now, the real question discussed here though isn't really collission
but preimage attack, that is a different story and far more difficult
:)
Thanks for the link! But my approach to it wasn't really from "is it a
problem in practice" but more "should this be the advice we give" and
"what's wrong with just using the fingerprint and be done with it
forever". We always tell users to use the fingerprint if they need to be
sure of authenticity. Or if I'm mistaken about that, I think we should.
My 2 cents,
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at
<http://digitalbrains.com/2012/openpgp-key-peter>
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
