PGP/MIME considered harmful for mobile

Ben McGinnes ben at adversary.org
Thu Mar 3 04:04:43 CET 2011


On 1/03/11 9:33 AM, David Shaw wrote:
> 
> That experiment, while interesting, is not relevant to the "real
> Martin" / "fake Martin" situation we've been talking about.  If both
> Real Martin and Fake Martin have the same secret key, then there is
> no way to tell them apart using signatures.

Hang on, maybe I got lost in this thread, but I thought they had
different keys, but "fake Martin" had managed to generate one with the
same key ID (possibly the same fingerprint) as "real Martin"
... right?


Regards,
Ben

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110303/89e00d6b/attachment.pgp>


More information about the Gnupg-users mailing list