Short ID Collision

Robert J. Hansen rjh at
Wed Dec 28 13:45:14 CET 2011

On 12/28/11 6:13 AM, Jerry wrote:
> Did anyone read about this reported problem with GnuPG and short
> keys?

There is no problem.  We've known for quite a long time that short key
ID collisions are possible: that's why you can't rely on a short key ID
as a fingerprint.

There's room for some healthy debate on whether GnuPG should be sending
full fingerprints to query for keys, but honestly, calling this a
"problem" is really overstating things.  There's some behavior that some
users find less than optimal, but that's not the same as saying there's
a bug in GnuPG that can cause crashes, reveal your data, or anything
else like that.

More information about the Gnupg-users mailing list