Vanity Keys

David Shaw dshaw at jabberwocky.com
Tue Jan 13 16:34:06 CET 2015


On Jan 13, 2015, at 3:10 AM, Werner Koch <wk at gnupg.org> wrote:
> 
> On Mon, 12 Jan 2015 21:51, gnupg at lists.grepular.com said:
> 
>> Apparently some of the funds will be donated to the GnuPG project. I suspect
>> he hasn't been in contact, and I imagine the funds would not be welcome?
> 
> I have not heard about it but given that the Wau Holland Stiftung is
> collecting GnuPG donations also via Bitcoin, it is likely that this
> can't be tracked.
> 
> However, if that processing power is used to find many dups for long
> keyids we will sooner or later neet to invest work to mitigate the
> effect of this (e.g. adding a fingerprint as signed attribute to each
> signature).

I'm sort of amused by vanitykeys.io.  If you read the HN thread, the author is pretty willing to accept this isn't the greatest idea, and has updated the page to say that.  (Of course, he hasn't taken the thing down completely either..)

I like the idea of adding a proper fingerprint to signature packets.  I seem to recall this was suggested once in the past, but I don't recall why it wasn't pursued.

David




More information about the Gnupg-users mailing list