x488 vs all other : keyid flip

Christian Sommer code.soma.kurisu at gmail.com
Thu Mar 28 13:54:58 CET 2024


you are absolutely right:
when explicitly telling GnuPG to display x448 fingerprints (gpg
--fingerprint) it just spits out the "abbreviated hex format" by takes
the first 50 bytes and sweeping the rest under the rug! Not very nice.
Likewise by telling GnuPG you really want the short keyID displayed
(gpg --keyid-format short) it takes the LAST 32 bytes of the FIRST 64
bytes of the fingerprint.

i prefer getting what i ordered. of course it's a trivial thing for my
self counting the first eight hexadecimal characters to fulfill my
particular use-case (i'd like to have matching mail-addresses and
short key-IDs). although you gave the impression nobody would use
those command line options (plainly because of that
?"fingerprint-forgery-attack" occurring on short key-IDs) why then
don't ditch it?

on the other hand, until it's here i feel inclined on fixing it. so if
there are no objectiions i'd like to try myself on both errorneous
outputs. as you may have notices it's just a few weeks ago when i
discovered GnuPG for myself. so i'm completley new to this community
what's the preferred development model? i guess filing an issue,
forking the repository, making a pull-request, but there are also
those T-numbers linked by releases.



More information about the Gnupg-users mailing list