OpenPGP headers
Werner Koch
wk at gnupg.org
Tue Aug 10 19:34:58 CEST 2004
On Tue, 10 Aug 2004 17:28:54 +0200, Simon Josefsson said:
> Thanks. If you know the algorithm and key size, is the attack much
> harder, or just slightly harder? If it is much harder, I think that
Common wisdom from pgp2 times is to also compare the creation date of
the key - something we don't have anymore with v4 (i.e. OpenPGP keys)
With v4 keys comparing the fingerprint is sufficient.
Anyway, the keyID mail header is nothing more than a hint and easy to
fake. Thus any additional information is simply misleading.
Werner
More information about the Gnupg-devel
mailing list