FAQ maintenance

Peter Lebbing peter at digitalbrains.com
Thu Feb 25 14:38:10 CET 2016

(If this feels like droning on to you, just stop reading and go do 
something fun!)

On 2016-02-25 14:25, Kristian Fiskerstrand wrote:
> Now, the real question discussed here though isn't really collission
> but preimage attack, that is a different story and far more difficult 
> :)

Thanks for the link! But my approach to it wasn't really from "is it a 
problem in practice" but more "should this be the advice we give" and 
"what's wrong with just using the fingerprint and be done with it 
forever". We always tell users to use the fingerprint if they need to be 
sure of authenticity. Or if I'm mistaken about that, I think we should.

My 2 cents,


I use the GNU Privacy Guard (GnuPG) in combination with Enigmail.
You can send me encrypted mail if you want some privacy.
My key is available at 

More information about the Gnupg-users mailing list