Fingerprint addition
David Shaw
dshaw at jabberwocky.com
Mon Feb 10 03:01:03 CET 2003
On Sun, Feb 09, 2003 at 12:51:37AM +0000, Stefan Sels wrote:
> Hi,
>
> I was just thinking about GnuPG/PGP fingerprints and thought if it
> wouldn?t be usefull to add a new part to the fingerprint :
>
> A78B 16A7 E6AE 8930 1F69 6D96 46B9 E688 42CE 3635 / 9AA9 D811
>
> The new part behind / is the md5sum of the public key including
> signatures so you could track if the "current" public key is
> valid. I know it would be better to put an expiry on a key but it
> would be an good adition to an complete static fingerprint.
The problem with this is that given two fingerprints, you have no way
to tell them apart.
For example, given:
> A78B 16A7 E6AE 8930 1F69 6D96 46B9 E688 42CE 3635 / 9AA9 D811
and:
> A78B 16A7 E6AE 8930 1F69 6D96 46B9 E688 42CE 3635 / A789 542F
Which is the "current" one?
David
--
David Shaw | dshaw at jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
More information about the Gnupg-devel
mailing list