OpenPGP headers
Thomas Sjögren
thomas at northernsecurity.net
Tue Aug 10 17:59:59 CEST 2004
On Tue, Aug 10, 2004 at 10:53:25AM -0400, Atom 'Smasher' wrote:
> the id (or fingerprint) is just as important in determining the correct
> key as the size and algo.
dont you mean "the size and algo is just as important
in determening the correct key as the id (or fingerprint)"?
however, i dont believe that is true since the way to find the correct
way is the check the complete fingerprint. the size and algo is of no
interested in determining the correct key:
1. it's isn't near unique and isn't supposed to be
2. people change key sizes and algo but dont change keys, take for
example the use of subkeys.
> draft 0.1 <http://atom.smasher.org/pgp-headers/pgp-headers01.txt> allows a
> full fingerprint to be used as a key id. it also specifies that a key id
> SHOULD be prefixed with "0x"... the prefix aids in avoiding ambiguity.
Since this draft is about providing "information about the senders OpenPGP key."
I think section 1.1.1 should be different because, as stated in rfc 2440
implementations SHOULD NOT assume that Key IDs are unique.
Hence, to correctly identify a key you need the complete fingerprint.
/Thomas
--
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
Url : /pipermail/attachments/20040810/d00a4f72/attachment.bin
More information about the Gnupg-devel
mailing list