Re: Keygrip v fingerprint ?

[Philip Jackson]

On 30/11/14 01:32, Kristian Fiskerstrand wrote:
> The keygrip is protocol-agnostic whereby the fingerprint would differ
> e.g. between OpenPGP and X.509. From [0] (note "[2]"):
> 
> The keygrip is a unique identifier for a key pair, it is
> independent of any protocol, so that the same key can be used with
> different protocols.  PKCS-15 calls this a subjectKeyHash; it can be
> calculated using Libgcrypt's gcry_pk_get_keygrip ().

Thank you, Kristian



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Keygrip v fingerprint ?

[Kristian Fiskerstrand]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On 11/30/2014 12:23 AM, Philip Jackson wrote:
> I see on :
> 
> https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index
>
>  references to both --with-keygrip and --with-fingerprint.  When I
> try --with-keygrip on gnupg2.0.26, it appears not to be a valid
> option.
> 

It is available in 2.1

> The only other time I have seen a reference to a keygrip (and I
> don't remember where I saw it), it seemed to me that a keygrip
> looked just like a fingerprint.
> 
> Could someone please explain the difference between a keygrip and a
> fingerprint or point me to a relevant document ?

The keygrip is protocol-agnostic whereby the fingerprint would differ
e.g. between OpenPGP and X.509. From [0] (note "[2]"):

The keygrip is a unique identifier for a key pair, it is
independent of any protocol, so that the same key can be used with
different protocols.  PKCS-15 calls this a subjectKeyHash; it can be
calculated using Libgcrypt's gcry_pk_get_keygrip ().

References:
[0]
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=agent/keyformat.txt;h=42c4b1f06faf1bbe71ffadc2fee0fad6bec91a97;hb=refs/heads/master

- -- 
- 
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- 
Public OpenPGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- 
"I have always wished that my computer would be as easy to use as my
telephone.
My wish has come true -- I no longer know how to use my telephone"
(Bjarne Stroustrup, April 1999)
-BEGIN PGP SIGNATURE-

iQIcBAEBCgAGBQJUemW3AAoJEPw7F94F4Tag29IP/iO+JvAlFBZyqgF5Juf+F005
iCHj7piTb5uTKFHCS+tZl481HCet1dEti8JUlQBYq5G7HAKfwWGvSsg3XSg+bpJu
s9UM3JQpC4Nc+rxVqyYkB6rwPRCdWHiJgVV9vCBX9WzRfLT4TkVBVarMRWl7v6mx
mUspI9PAm3pHVS9Sp4ehvLaDH+0tew3sCGeMLa6F4tvEcjtl6v9TXEtlsmJaBE0R
4m945ik6rAidSLVViCHBBL28UmKsXgho0YHP1fINT3nrmqojesZhqSwQ/dGL3Ppn
9Jcqiz7jLJAmx3pwBgeOV5kzFLE0iWS4x6bwNLaopjI0gM2U/ccuH3HVKbl0xu0w
Ki+z9U1eLXc2zxuGrc7M0bVjcGt72pdODPf2HNUzYeFlTcX6mmIRRVGydoKbvQBB
o84Io2pIjprCcC07lqyWU8lB6QaNHHrJ/cp1NVSfPhnxfpnPLW3u62K/2WXiWfMJ
aztfgWSIFNjrFUY01ayQj/OePei6V4FRQa9G13PSCF8C+6ESNOvLL7FpeAqQM9Es
H0I8FjWmBpVfbamuNiQxZymwN2Rc0FknGHxpwvWcZEu6PUJUyY2PtNmWwKd7nvpq
rYfp9okBRs0TCIAs0XRuF0RepwbVcbr9Z2Kxy5vqE3XsSZ5B9a4zU7OzGIoqkcH5
UQtfRrgLvyVpIiEgWq8V
=ZaEC
-END PGP SIGNATURE-

___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Keygrip v fingerprint ?

[Philip Jackson]

I see on :

https://www.gnupg.org/documentation/manuals/gnupg/Option-Index.html#Option-Index

references to both --with-keygrip and --with-fingerprint.  When I try
--with-keygrip on gnupg2.0.26, it appears not to be a valid option.

The only other time I have seen a reference to a keygrip (and I don't remember
where I saw it), it seemed to me that a keygrip looked just like a fingerprint.

Could someone please explain the difference between a keygrip and a fingerprint
or point me to a relevant document ?

Philip



signature.asc
Description: OpenPGP digital signature
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users