secret key id disclosure

[David Shaw]

--YiEDa0DAkWCtVeE4
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Oct 09, 2001 at 04:18:32PM -0400, chrisb@kippona.com wrote:
>=20
> Hello.  Have I compromised my secret key or encryption strength
> if I have disclosed its id like this:
>=20
> pub  1024D/8066516A 2006-12-01 my name <myaddy@my.com>
> sub  1024g/GGGGGGGG 2006-12-01 [expires: 2010-12-01]

No.

That's a public key (indicated by the "pub"), and may safely be
disclosed as widely as you like.  It does disclose several pieces of
information:

1) Your name and email address ("my name" and "myaddy@my.com")
2) When the key becomes valid (2006-12-01)
3) When the key expires (2010-12-01)
4) The type of key (1024 bit DSA signing key, 1024 bit ElGamal encryption k=
ey)
5) The key IDs (8066516A and GGGGGGGG)

None of those pieces of information are harmful to disclose.  Of
course, you've replaced some of the values above with dummy values,
but I'm sure you get the general idea.

David

--=20
   David Shaw  |  dshaw@jabberwocky.com  |  WWW http://www.jabberwocky.com/
+--------------------------------------------------------------------------=
-+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

--YiEDa0DAkWCtVeE4
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iQEVAwUBO8Nfa4ccwqs8s7QVAQE+Igf/aT1RgzWRVCChjUTwztxu7MA+YOr+myoT
S5v1Aaahh8gDX97RlWhxRB/jMOfd5T0DHd7n3AW2KwBItXpWcA6cGyBc996Aw/BA
gOt8DcUVkhddnH+Duqm3Rm4R2gKOmIEpSQNUuoKXiXu5tGFp6M6MAJ9vxHaqP5t+
kWXrtVbn1XNwg4MiaLVbfWaDlr6q3Lu11a96OPW3NS0t8QM3oYL26lOMG4j55UQU
GxA+kz72E7T6D8CZjxxCr6WlRCuOm2ItTF/dobXRDJocb0+h82lDpQ+8ZPaItOuA
bR2DGxomI8CjqJO9wtwpNdowYk0HANZqHnX1dO2MZo9hxiBHerkkdw==
=eJXt
-----END PGP SIGNATURE-----

--YiEDa0DAkWCtVeE4--