gpg.conf recommendations (FAQ improvement) was: GnuPG 1.4.19 - Encryption Questions

Ben McGinnes ben at
Wed Aug 17 18:59:37 CEST 2016

On Wed, Aug 17, 2016 at 05:32:03PM +0200, Kristian Fiskerstrand wrote:
> On 08/17/2016 05:04 PM, Bernhard Reiter wrote:
> > Am Mittwoch, 17. August 2016 16:53:57 schrieb Werner Koch:
> >> FWIW, I really wonder why people seem to use the keyid to check keys.
> > 
> > It is not done to check keys, it done to distinquish keys to select
> > in user interfaces. 
> At which point even short keyid isn't an issue as long as they only
> select amongst valid keys to begin with, unless they actually have two
> people with colliding keyids by coincidence that they communicate with.

I've actually had precisely this problem in the past, but both keys
belonged to certain (different) individuals who each thought it would
be "cool" to generate a key with the short ID of 0x00000000.  So
annoying.  Both of them disappeared from whichever forum or list
they'd been encountered on and those keys are amongst the few that
have been more trouble than they're worth and deleted.  Normally I
leave the ever expanding keyring to, well, expand.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: not available
URL: </pipermail/attachments/20160818/2d1e80de/attachment.sig>

More information about the Gnupg-users mailing list