ietf-openpgp
[Top] [All Lists]

Re: [openpgp] New fingerprint: to v5 or not to v5

2015-09-18 07:26:01
On Fri, 18 Sep 2015 00:05, vedaal(_at_)nym(_dot_)hush(_dot_)com said:
would probably also become viable for subkeys as well, and it might be
possible for an attacker to generate a subkey with a collision for the
cross-certifying signature, and be able to graft a false subkey onto a

You mean the back signatures (Primary Key Binding Signature), right?
They are done directly on the key material and not on the fingerprint.
Thus back signatures can be updated to SHA-256 without problems.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp