Key ID format: short or long?
faramir.cl at gmail.com
Wed Oct 22 07:41:16 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
David Newman escribió:
> The 8 char key ID is enough for one to retrieve your public key from
> any keyserver, however, if that person would like to sign your key they
That is what I thought, they would use the KeyID instead of the
fingerprint (but then somebody pointed the Key ID is the last part of
the fingerprint, a fact I had not noticed before). So I can either tell
them the last part of the fingerprint can be used to retrieve the key,
or give them my biglumber url... I chose to give my biglumber url, since
if I ever have to change my email address, I can just update my key, and
they could retrieve the update key, with the new UID linked to the new
> need 2 things from you. At least one picture ID and your key's
> fingerprint. Chances are, if someone has your business card they have
That is if we are talking about some kind of notary or assurer... But
if I give the card to a cousin, he would not require my picture ID...
And some other people would not really care if they know my real
identity, as long as they know my real email address... As an example, I
am in an alliance of players of some multiplayer game. While everybody
was invited by somebody they know in real life, some just knew the one
who invited them. So the first time I went to a barbecue with them,
everybody was talking to the other people referring to them by their
nicknames... However, it would be important to exchange our email
addresses, and it would be a good thing to use gpg... sometimes a player
send his "game sensitive information", like user and password... or even
worst, they post them into the alliance forum (and we know there have
been attempts to penetrate the forum...). Well, this was just a real
example about situations where real ID is not important...
> for including the fingerprint instead of just the keyID. They are not
> going to use the fingerprint to retrieve the key, only to verify that the
> retrieved key is yours.
Right, now I am convinced the whole fingerprint is better...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users