howto secure older keys after the recent attacks

Robert J. Hansen rjh at sixdemonbag.org
Thu Sep 10 22:21:44 CEST 2009


Daniel Kahn Gillmor wrote:
> On 09/10/2009 10:54 AM, Robert J. Hansen wrote:
>> On Thu, 2009-09-10 at 14:02 +0200, Philippe Cerfon wrote:
>>> I thought the key ID is only used for humans to short check the
>>> keys,.. but not in the system itself?!
>> Nope, it's pretty pervasive in the system.
> 
> Unless i misunderstand the context, I think I disagree with your
> characterization here, Robert.

I understood him to mean the "key ID" as the fingerprint of the
certificate's primary signing key, rather than checking each bit of the
certificate's primary signing key individually.



More information about the Gnupg-users mailing list