Bug#826273: gnupg2: Defaults to using insecure short key IDs (32 bits)

2016-06-03 Thread Gunnar Wolf
Package: gnupg2
Version: 2.1.11-7
Severity: normal
Tags: security

GnuPG2 defaults to returning short key IDs when listing keys. Short key IDs are quite vulnerable to collisions, and their use should be strongly discouraged. I wrote the following with a progression of attacks; this is all well-kno

Bug#826273: [pkg-gnupg-maint] Bug#826273: gnupg2: Defaults to using insecure short key IDs (32 bits)

2016-06-03 Thread Daniel Kahn Gillmor
On Fri 2016-06-03 15:25:36 -0400, Gunnar Wolf wrote:
> GnuPG2 defaults to returning short key IDs when listing keys. Short
> key IDs are quite vulnerable to collisions, and their use should be
> strongly discouraged.
>
> I wrote the following with a progression of attacks; this is all
> well-known

Bug#826273: [pkg-gnupg-maint] Bug#826273: gnupg2: Defaults to using insecure short key IDs (32 bits)

2016-06-03 Thread Gunnar Wolf
Daniel Kahn Gillmor said [Fri, Jun 03, 2016 at 05:06:43PM -0400]:
> So i'd actually be happier with "keyid-format none" or "keyid format
> fingerprint" [1] than with "keyid-format long" but i agree that "long"
> or "0xlong" is still superior to the current situation.

Umh... There's something wrong

Bug#826273: [pkg-gnupg-maint] Bug#826273: gnupg2: Defaults to using insecure short key IDs (32 bits)

2016-06-04 Thread Daniel Kahn Gillmor
On Fri 2016-06-03 18:27:32 -0400, Gunnar Wolf wrote:
> Daniel Kahn Gillmor said [Fri, Jun 03, 2016 at 05:06:43PM -0400]:
>> So i'd actually be happier with "keyid-format none" or "keyid format
>> fingerprint" [1] than with "keyid-format long" but i agree that "long"
>> or "0xlong" is still superior

Bug#826273: [pkg-gnupg-maint] Bug#826273: Bug#826273: gnupg2: Defaults to using insecure short key IDs (32 bits)

2016-06-04 Thread Werner Koch
On Fri, 3 Jun 2016 23:06, d...@fifthhorseman.net said:
> I've repeatedly suggested to upstream that we should change this default
> (in the software, not just in gpg-conf.skel), but it hasn't happened
> yet. see the changes i've posted here:

Although parsing of the human readable output of gpg