"Jon" == Jon Callas <jon(_at_)callas(_dot_)org> writes:
Jon> I agree that in retrospect, it would have been better to have
Jon> the key id be the high-order bits of the fingerprint rather than
Jon> the low-order bits. I, too, think this was a mistake. However,
Jon> that decision was made before this working group was
Jon> formed. (And before I joined PGP, Inc. for that matter.)
Jon> I believe that changing this and making it be dependent on the
Jon> algorithm type would be utterly wrong. It would add one more
Jon> little gnarly bit into a system that is already filled with too
Jon> many gnarly bits.
I agree that it should not be changed. For that matter, I am
thoroughly puzzled why anyone would say that it's better to use high
order bits than low order bits. We're talking about taking a subset
of the bits of a hash function, right? Any old subset is as good as
any other. A random subset of the bits would be just as good, or just
as bad, as the high order bits, or the low order bits.
paul