From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Rirw5-00051N-1q for garchives@archives.gentoo.org; Thu, 05 Jan 2012 18:21:09 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 80DBF21C1BF; Thu, 5 Jan 2012 18:20:50 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 7168821C1A2 for ; Thu, 5 Jan 2012 18:20:42 +0000 (UTC) Received: from pomiocik.lan (unknown [81.219.203.13]) (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: mgorny) by smtp.gentoo.org (Postfix) with ESMTPSA id 019991B4062; Thu, 5 Jan 2012 18:20:40 +0000 (UTC) Date: Thu, 5 Jan 2012 19:21:55 +0100 From: =?UTF-8?B?TWljaGHFgiBHw7Nybnk=?= To: gentoo-project@lists.gentoo.org Cc: phajdan.jr@gentoo.org Subject: Re: [gentoo-project] let's stop using short gpg key ids, that's insecure Message-ID: <20120105192155.077e8851@pomiocik.lan> In-Reply-To: <4F05E48F.3040802@gentoo.org> References: <4F01C37B.6000305@gentoo.org> <20120102181752.27c70a7f@pomiocik.lan> <4F05E48F.3040802@gentoo.org> Organization: Gentoo X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.8; x86_64-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Project discussion list X-BeenThere: gentoo-project@lists.gentoo.org Reply-To: gentoo-project@lists.gentoo.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA256; boundary="Sig_/YK1PoY8W4KTfn4jXh/O2omZ"; protocol="application/pgp-signature" X-Archives-Salt: 16372866-3afd-4861-920a-cec90340055c X-Archives-Hash: 2c4028cab2a72027a600b10596de141e --Sig_/YK1PoY8W4KTfn4jXh/O2omZ Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Thu, 05 Jan 2012 18:57:35 +0100 ""Pawe=C5=82 Hajdan, Jr."" wrote: > On 1/2/12 6:17 PM, Micha=C5=82 G=C3=B3rny wrote: > > Insecure to what? >=20 > It's easy to confuse keys that way. I'm not saying that it results in > an immediate compromise or that it's urgent, but if we can make it > harder to confuse keys, why not do that? I don't say that we should or shouldn't do that. I just say that we shouldn't say it will improve any kind of 'security'. > > The trust model of PGP is not based on key > > IDs. The short IDs are only used to let users grab our keys at will; > > and as the blog post shows, GPG handles repeating key IDs just fine. >=20 > Do all developer keys have at least one signature of some other key? > In the absence of signatures (and how does the user verify that those > have been made by developers?), what users have is our list of short > key IDs. And how can they verify that list? I don't think there's a reason to trust it, and I don't think most of us care about it at all. --=20 Best regards, Micha=C5=82 G=C3=B3rny --Sig_/YK1PoY8W4KTfn4jXh/O2omZ Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) iJwEAQEIAAYFAk8F6kMACgkQfXuS5UK5QB2D5AP/euhZL+z3FYk+A26+WSlfXPgB 7yPjEo2ZCTVkJC55MrRv2cXoKWVWHBKxJ8ZD0YtBApYyOJKbVMKR0mZNkVVDQviY mJuMxfBAzQJdAj/84XsoZN8EHrdIpI3WJC4hDNnII0a5++JoqWnjSQ/6qJd8ys3y tQ7dN0MgRYaAPmxcj+s= =XLv2 -----END PGP SIGNATURE----- --Sig_/YK1PoY8W4KTfn4jXh/O2omZ--