On 02/25/2016 06:50 AM, Kristian Fiskerstrand wrote:
On 02/25/2016 02:38 PM, Peter Lebbing wrote:
(If this feels like droning on to you, just stop reading and go do
something fun!)
On 2016-02-25 14:25, Kristian Fiskerstrand wrote:
Now, the real question discussed here though isn't really
collission but preimage attack, that is a different story and far
more difficult :)
Thanks for the link! But my approach to it wasn't really from "is
it a problem in practice" but more "should this be the advice we
give" and "what's wrong with just using the fingerprint and be done
with it forever". We always tell users to use the fingerprint if
they need to be sure of authenticity. Or if I'm mistaken about
that, I think we should.
Well, it depends. Sure, should always use full fingerprint for
certificate validation etc, no question asked. But the internal keyid
and the packet structure use 64 bit keyid as identifier, so using
fingerprint in quite a number of other cases is more resource
intensive without necessarily improving too much (in particular in
cases where action from yourself is required, default key for signing
etc).
There is a value in future-proofing advice. It's true *today* that the
64-bit key ID is used internally, but that may not be the case tomorrow.
There is also value in giving consistent advice. "Use the full
fingerprint everywhere you need to identify a key" is much easier for
users to understand than for them to try to remember which places they
can/should use which method. Keep in mind that users are not going to be
"doing PGP" on a day to day basis with the FAQ open in a neighboring
window. If we can provide clear, consistent advice that's easy for users
to remember we're way ahead of the game.
Doug
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
