New results against SHA-1

Christoph Anton Mitterer christoph.anton.mitterer at physik.uni-muenchen.de
Mon May 4 19:34:58 CEST 2009


On Mon, 2009-05-04 at 13:39 +0200, Werner Koch wrote:
> The only real crypto use in the protocol is with the revocation key
> (designated revoker) which uses a 20 byte fingerprint to specify the
> key.  However I cannot see where there is a threat.
Ok,.. but most people do not exchange they key-data and signs it,.. but
just the fingerprint....
So in practice this does not only affect the revocation signatures, does
it?


Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3387 bytes
Desc: not available
URL: </pipermail/attachments/20090504/6100f277/attachment-0001.bin>


More information about the Gnupg-users mailing list