Size of main key...
Peter Lebbing
peter at digitalbrains.com
Mon Feb 24 21:21:50 CET 2014
On 24/02/14 13:42, Hauke Laging wrote:
> That's probably intentional. People always use the newest certificate,
> don't they...? :-o
Well into hypothetical territory now because there was no attacker, but...
I suppose you have a good point. Those people that think you can verify
authenticity by just checking the short key ID, they might as well think that
both keys are genuinely those of Laurent, and pick the most recent one.
If I would do the attack, I would make everything as genuine as I could, so I
would alter my system clock. But perhaps that's missing the opportunity to be
chosen /in preference of/ the real key :). Neato. I was banking on just getting
the fake key to be the only one that the victims see.
Peter.
--
I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
More information about the Gnupg-users
mailing list