changing the default for --keyid-format [was: Re: getting an encrypted file to show what public key was used]

Kristian Fiskerstrand kf at sumptuouscapital.com
Tue May 29 18:13:17 CEST 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 2012-05-29 17:51, Daniel Kahn Gillmor wrote:
> On 05/29/2012 11:35 AM, Werner Koch wrote:

...

> I think switching the default to "long" would be on balance a Good
> Thing.
> 

I agree, and don't see much of a reason not to use a long KeyID rather
than a short one.

However, please note that search for subkeys using the long keyID
format is only supported in SKS since version 1.1.3 announced 11 April
2012 (lookup for parent/regular public keys is supported before that),
so before implementing such a change I'd like to consider setting the
minimum requirement for the SKS pool[0] to 1.1.3.

Technically that is a rather easy change, however, it'd currently
reduce the number of available servers to about 15 from 61 in the pool
with min version requrement of 1.1.0 (current). So might have to give
the keyserver administrators some time to upgrade before that.

(cross posting to sks-devel)

[0] http://sks-keyservers.net/status/

- -- 
- ----------------------------
Kristian Fiskerstrand
http://www.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Corruptissima re publica plurimæ leges
The greater the degeneration of the republic, the more of its laws
- ----------------------------
This email was digitally signed using the OpenPGP
standard. If you want to read more about this
The book: Sending Emails - The Safe Way: An
introduction to OpenPGP security is now
available in both Amazon Kindle and Paperback
format at
http://www.amazon.com/dp/B006RSG1S4/
- ----------------------------
Public PGP key 0xE3EDFAE3 at http://www.sumptuouscapital.com/pgp/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJPxPWcAAoJEBbgz41rC5UIzLIQAIoftDYMBEl4N3MRO2ucrNt2
qG2t3xMTQlRv3hmf5mqqIYmK6zRvmKmjBdw7WPdIo83xY0+WBRiOSQEkSOM86Ed3
WhgYOlaNFNaPHrYB6v1yL6C9PkqXkv1IxFP8x12CjsfgnV5AWpQWDJIXHquD2C1K
lbwX0+c/VnsN9LltBRvNqdrO/Le/HhVZyeMd6CoJYkp7aHdPCnmxsXi3DHqr78Bw
FFP4ABWllE9RgAJN8ekvM7j8CedktwPXtkjGjoQw7+13p2xP3qd6E5ggTfFaHAQ5
HibxKBFZZmkcO3JSOmO7SF+63IKYPptu2uJ/p28ZFnExO+8HelU8m5iga+OXQqFC
bw/qKbiWLcQxGMD2R+5ZyXOOCaJeg0vNwyt3YAGo09WJ7OJWYGne1A2h2vB/lxNS
V09xjkNEbLQqQ1Kt1cLLZ5p/vxwrZ/136uyGhgmxX8gFVN9GBG31VymeV7pVqG11
21i0wqCW1KvW70b+D6vgQIxzTxUE1twc5suRi01bjDnAn0Kkl3mtZjPEI9kRRyfB
W6+6zGtJgAr9AMPakAxhey39fTu8bS+dsRYS2ztrhhC/XfaxdreOrKpdKKqaUbEF
zKddYjo+XarW27vubpCkIS3hnWd8nn/jBRuAwkKUC/qiSwvKKsvV8Y2FJt0FjLqI
suwhmsLwpD1I5U0uMH6D
=2Hk4
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list