Hello,
David Shaw wrote:
On May 5, 2009, at 2:13 AM, Daniel A. Nagy wrote:
Hi,
David Shaw wrote:
It's a larger problem than just fingerprints. We also use a fingerprint
as a specifier inside the revocation key subpacket, to designate which
key can be used to issue revocations on our behalf. The thing is,
though, a fingerprint isn't really a very good revocation key specifier:
Fingerprints:
* Must be human-readable
* Needs to be small to be useful
* Can collide to some small amount (4880 even documents that they
collide in section 12.2)
That's not the fingerprint. That's the key ID.
A nit, but that really is the fingerprint.
12.2:
Note that there is a much smaller, but still non-zero, probability
that two different keys have the same fingerprint.
While the probability is non-zero, but it is roughly equal to accidentally
guessing the discrete logarithm of a DSA key or a prime factor of the RSA key.
It's not exactly *likely*, but it's not quite zero. I heard a
urban-legendish story once about someone who (completely accidentally)
generated a key that just happened to have a fingerprint collision with
someone else's key. Unfortunately, thinking it was a bug, they deleted
the key... make of that what you will :)
There WAS a bug and he did the right thing.
--
Daniel
signature.asc
Description: OpenPGP digital signature