[Pkg-gnupg-maint] Bug#725411: Bug#725411: gnupg: gpg blindly imports keys from keyserver responses

Daniel Kahn Gillmor dkg at fifthhorseman.net
Sun Aug 24 15:37:04 UTC 2014


On 08/24/2014 07:46 AM, Florian Weimer wrote:
> The recommendation to rely on 64 bit key IDs is rather questionable
> because V3 keys allow cheap construction of 64-bit key ID duplicates:
> 
> <http://www.ietf.org/mail-archive/web/openpgp/current/msg00373.html>

This is not an issue with 64-bit key IDs, but an issue with v3 keys
entirely.  the v3 fingerprint itself is entirely forgeable.

no one should be using v3 keys at all today, period.

	--dkg

PS i agree that 64-bit key IDs are insufficient as well for v4 keys if
you care about collisions, or if you have a powerful adversary (a
preimage attack against a 64-bit truncated SHA1 digest is within reach
of someone with weight to throw around, even if i can't do it handily on
my laptop).  this is why machines should use full fingerprints
internally, and humans shouldn't really be exposed to any kind of keyids.
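
Added example, not part of the original message and not GnuPG's own code: a Python sketch of the check a machine can apply to a keyserver response, accepting a returned key only if it is v4 and its full fingerprint matches the one requested. The fingerprint and key ID rules follow RFC 4880 section 12.2; the function names and the toy key material are constructed for illustration.

```python
import hashlib
import struct

def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-byte bit count, then big-endian bytes."""
    bits = value.bit_length()
    return struct.pack(">H", bits) + value.to_bytes((bits + 7) // 8, "big")

def v4_key_body(created: int, n: int, e: int) -> bytes:
    """Body of a v4 RSA public-key packet: version, creation time, algorithm 1, MPIs."""
    return b"\x04" + struct.pack(">IB", created, 1) + mpi(n) + mpi(e)

def v4_fingerprint(body: bytes) -> str:
    """v4 fingerprint: SHA-1 over 0x99, the 2-byte body length, and the body."""
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()

def key_id64(fingerprint: str) -> str:
    """The 64-bit v4 key ID is just the last 16 hex digits of the fingerprint."""
    return fingerprint[-16:]

def v3_key_id(n: int) -> str:
    """A v3 key ID is the low 64 bits of the RSA modulus; no hash is involved."""
    return "%016X" % (n & 0xFFFFFFFFFFFFFFFF)

def accept_from_keyserver(requested_fpr: str, body: bytes) -> bool:
    """Accept a returned key only if it is v4 and the full fingerprint matches."""
    if body[:1] != b"\x04":
        return False  # refuse v3 keys (and unknown versions) outright
    return v4_fingerprint(body) == requested_fpr.replace(" ", "").upper()

# Constructed toy values, not real RSA moduli.
SAMPLE_N = (1 << 127) | 0x0123456789ABCDEF
OTHER_N = (1 << 127) | 0x0FEDCBA987654321
WANTED = v4_key_body(1408894624, SAMPLE_N, 65537)
UNRELATED = v4_key_body(1408894624, OTHER_N, 65537)
V3_STYLE = b"\x03" + WANTED[1:]  # same bytes with a v3 version octet

if __name__ == "__main__":
    fpr = v4_fingerprint(WANTED)
    print("fingerprint:", fpr, "key id:", key_id64(fpr))
    print("matching key accepted:", accept_from_keyserver(fpr, WANTED))
    print("other key accepted:", accept_from_keyserver(fpr, UNRELATED))
    print("v3 key accepted:", accept_from_keyserver(fpr, V3_STYLE))
```
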
