On Thu, 05 Jan 2012 18:57:35 +0100 ""Paweł Hajdan, Jr."" wrote: > On 1/2/12 6:17 PM, Michał Górny wrote: > > Insecure to what? > > It's easy to confuse keys that way. I'm not saying that it results in > an immediate compromise or that it's urgent, but if we can make it > harder to confuse keys, why not do that? I don't say that we should or shouldn't do that. I just say that we shouldn't say it will improve any kind of 'security'. > > The trust model of PGP is not based on key > > IDs. The short IDs are only used to let users grab our keys at will; > > and as the blog post shows, GPG handles repeating key IDs just fine. > > Do all developer keys have at least one signature of some other key? > In the absence of signatures (and how does the user verify that those > have been made by developers?), what users have is our list of short > key IDs. And how can they verify that list? I don't think there's a reason to trust it, and I don't think most of us care about it at all. -- Best regards, Michał Górny