ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] Fingerprints

2015-04-11 05:51:49
from [Werner Koch] [Permanent Link] 
On Fri, 10 Apr 2015 23:37, calestyo(_at_)scientia(_dot_)net said:


Why? Isn't that exactly what the past has taught us? That using one
fixed fingerprint algo leads into all kinds of troubles?


Trouble with a fingerprint?  I am interested to hear about such a case.
(ssh's default use of MD5 does not count).


key.

And it caused also issues, when people *did* assume they'd be secure.


Yeah, similar to the common behaviour of only comparing the first and
last 2 bytes of SHA-1 fingerprints and checksums.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [openpgp] details of 4880bis work, Christoph Anton Mitterer
Next by Date:  Re: [openpgp] Intent to deprecate: Insecure primitives, Tom Ritter
Previous by Thread:  Re: [openpgp] Fingerprints, Christoph Anton Mitterer
Next by Thread:  Re: [openpgp] Fingerprints, Christoph Anton Mitterer
Indexes:  [Date] [Thread] [Top] [All Lists]