Fingerprints and Key-IDs - Was: [PATCH] avoid publishing the GnuPG version by default
ilf at zeromail.org
Sat Aug 6 16:06:04 CEST 2016
Daniel Kahn Gillmor:
> ilf, what are you asking for when you ask for removing the
> "keyid-format" option altogether?
As always, dkg is right, and I need to be more precise. Fortunately, I
can just quote you:
> I'm arguing here that short Key IDs and long Key IDs are actually
> useless, and we should stop using them entirely where we can do so. We
> certainly should not be exposing normal human users to them.
I assume that the option --keyid-format was first "widely" used to
mitigate from --keyid-format "short" to "long" after the first
collisions were shown in 2011. That was okay then.
But as dkg has argued in 2013, we should move away from --keyid-format
"short" *and* "long". Which is why "none" was introduced and is now the
> …"none" does not show the key ID at all but shows the fingerprint in a
> separate line.
This is good.
But "short" and "long" do *only* show the key ID, *and not* the
fingerprint in a separate line. (Except if used with --fingerprint,
which is what this does:
Surely this is not a desired behavior.
So I would propose:
1. Short term: Add "the fingerprint in a separate line" for all
2. Gradually deprecate the "keyid-format" option.
2.a. Mid term: Add a warning to stderr if keyid-format is explicitly set
to anything but "none". Note this in release notes.
2.b. Long term: Remove the parameter entirely.
What do you think?
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tastaturbenutzung
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: not available
More information about the Gnupg-devel