SHA3 IANA registration - method?

Andrey Jivsov openpgp at brainhub.org
Tue Dec 18 00:21:08 CET 2012


On 12/17/2012 02:20 PM, Hauke Laging wrote:
> Am Mo 17.12.2012, 14:05:32 schrieb Andrey Jivsov:
>
>>> And how is he supposed to check the signature without having the key? Who
>>> would accuse anyone of anything without even being able to make a
>>> signature
>>> verification for himself?
>
>> My description includes "I quickly update the key file on the website".
>> That refers to the update with the second key with colliding fingerprint.
>
> Sure but what difference does that make? The new key does not verify the
> signature.
>
> I think it boils down to the point that anyone who wants to make claims about
> a signature but does not store the respective public key is just plain stupid.
> This is not a technical problem.

OpenPGP signed messages contain only a reference to the key as keyID. 
It's a truncated fingerprint. The key will need to be retrieved based on 
this set of bytes. There are OpenPGP-based systems that retrieve keys 
from key servers automatically and verify signatures in the automated 
way. For these systems fingerprints are important elements of the whole 
system.

Please keep in mind that this thread is about fingerprints. If an 
OpenPGP system doesn't rely that much on the the fingerprint-to-key 
link, then whatever we are discussing here is irrelevant to these system.

That's not to say that there is no problem with fingerprints. RFC 4880 
doesn't warn users that "you cannot rely on fingerprints for security 
and MUST cache keys for full repudiation". I don't think it should. I 
think it's much easier to fix the fingerprints and continue to view them 
as ideal hashes of keys.






More information about the Gnupg-devel mailing list