FAQ maintenance

Doug Barton dougb at dougbarton.email
Fri Feb 26 04:20:57 CET 2016

On 02/25/2016 06:50 AM, Kristian Fiskerstrand wrote:
> On 02/25/2016 02:38 PM, Peter Lebbing wrote:
>> (If this feels like droning on to you, just stop reading and go do
>> something fun!)
>> On 2016-02-25 14:25, Kristian Fiskerstrand wrote:
>>> Now, the real question discussed here though isn't really
>>> collission but preimage attack, that is a different story and far
>>> more difficult :)
>> Thanks for the link! But my approach to it wasn't really from "is
>> it a problem in practice" but more "should this be the advice we
>> give" and "what's wrong with just using the fingerprint and be done
>> with it forever". We always tell users to use the fingerprint if
>> they need to be sure of authenticity. Or if I'm mistaken about
>> that, I think we should.
> Well, it depends. Sure, should always use full fingerprint for
> certificate validation etc, no question asked. But the internal keyid
> and the packet structure use 64 bit keyid as identifier, so using
> fingerprint in quite a number of other cases is more resource
> intensive without necessarily improving too much (in particular in
> cases where action from yourself is required, default key for signing
> etc).

There is a value in future-proofing advice. It's true *today* that the 
64-bit key ID is used internally, but that may not be the case tomorrow.

There is also value in giving consistent advice. "Use the full 
fingerprint everywhere you need to identify a key" is much easier for 
users to understand than for them to try to remember which places they 
can/should use which method. Keep in mind that users are not going to be 
"doing PGP" on a day to day basis with the FAQ open in a neighboring 
window. If we can provide clear, consistent advice that's easy for users 
to remember we're way ahead of the game.


More information about the Gnupg-users mailing list