Werner Koch
Fri Nov 29 12:27:02 2002

On Thu, 28 Nov 2002 20:19:30 +0100, Michael Anckaert said:

> I am writing documentation for the Gnu Privacy Assistant (gpa) and want
> to know what these numbers in front of the key-id mean:
> 	1234567812345678
> I know the last 8 digits are used by keyservers and such, like
> 0xC772D5C1
> But in the documentation I want to mention what the first 8 digits mean.

The Key ID is actually 8 Byte but applications do only display the
last 4 bytes of them.  The Key ID itself is convenient an identifier
for the key and also used in messages to make it easier for an
application to locate the appropriate key.  The Key ID is not
necessary unique and a few duplicated keyIDs exists.  It is easy to
fake such a key ID, so there is no security in it.

With the modern v4 keys (created by GnuPG and PGP >= 5) the 8 last
bytes of the fingerprint is used for the Key ID.  Old Keys have their
own way to calculate the keyID.