Re: [openpgp] Fingerprint schemes versus what to fingerprint
2016-04-07 12:51:07On Apr 7, 2016, at 12:15 PM, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:
This is tricky: a further related question is how OpenPGP implementations decide what “kind” of fingerprint to produce, orThat is easy: a v4 key creates a v4 fingerprint (SHA-1) and for the new fingerprint we will requires a v5 key format. We have a lot of experience with that given that v3 keys used yet another fingerprint
Sounds reasonable; I didn’t know that was the precedent for PGP but given so it makes sense to stick to it. And I’m coming around to agreeing with the KISS position that fingerprints should deterministically depend only on the raw key material. But I’m still interested in hearing any discussion of the idea of designing the new fingerprint function so that users can (optionally) get some fingerprint-mining protection, as proposed in my other E-mail. Thanks Bryan
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openpgp mailing list openpgp(_at_)ietf(_dot_)org https://www.ietf.org/mailman/listinfo/openpgp
| Previous by Date: | Re: [openpgp] Fingerprint schemes versus what to fingerprint, Werner Koch |
|---|---|
| Next by Date: | Re: [openpgp] Fingerprint schemes versus what to fingerprint, Bill Frantz |
| Previous by Thread: | Re: [openpgp] Fingerprint schemes versus what to fingerprint, Werner Koch |
| Next by Thread: | Re: [openpgp] Fingerprint schemes versus what to fingerprint, Bill Frantz |
| Indexes: | [Date] [Thread] [Top] [All Lists] |