ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [openpgp] Followup on fingerprints

2015-08-06 14:19:36
from [Daniel Kahn Gillmor] [Permanent Link] 
On Thu 2015-08-06 12:12:48 -0400, Nicholas Cole wrote:

There's actually just a more basic, practical problem. Most gpg tools
assume unique fingerprints. Is it even possible to specify one key rather
than another if both have the same fingerprint?


but what are the consequences of this?  If there's a specifically
troubling scenario that puts other people at risk, we should be able to
describe it.

If there isn't, then this suggests that actually using two keys with the
same fingerprint is a problem only for the person who holds the two
keys, right?

But that person has an easy (much cheaper in fact) way to proceed
without the problem: don't make a fingerprint collision in the first
place!

        --dkgp

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [openpgp] SHA3 is standardised as FIPS 202, ianG
Next by Date:  Re: [openpgp] [dane] The DANE draft, Daniel Kahn Gillmor
Previous by Thread:  Re: [openpgp] Followup on fingerprints, Nicholas Cole
Next by Thread:  Re: [openpgp] Followup on fingerprints, Phillip Hallam-Baker
Indexes:  [Date] [Thread] [Top] [All Lists]