"Just config #gnupg to use long keyids and it's all good!"
Nope, those are dead too, cf. @coruus' KeySteak attack: http://www.gossamer-threads.com/lists/gnupg/devel/68250 …
even the binary format of OpenPGP signatures and so on only contains 64 bits of the key id
-
-
so writing an OpenPGP client that handles 64-bit collisions correctly is a PITA, way easier to just reject on import
- 1 more reply
New conversation
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.