dshaw at jabberwocky
Jun 22, 2012, 11:06 AM
Post #10 of 15
Re: Using second keyring may be misleading?
On Jun 22, 2012, at 12:12 PM, Georgi Guninski wrote:
> On Fri, Jun 22, 2012 at 11:23:20AM -0400, David Shaw wrote:
>> A few people pointed it out in the mid-1990s (that long ago!) but I think it was first proposed by Paul Leyland at Oxford.
>> Here's an old posting about it: http://groups.google.com/group/sci.crypt/browse_thread/thread/25248ce8d6dfc1e4/e5372a1bd972dc07
>> It was one of the many things that prompted the V4 key format. It doesn't break the web of trust, but can confuse people (and implementations) as to which key is which.
> So it still confuses implementations? :)
Unfortunately, it's pretty inherent in the design. The issuer subpacket that contains the key ID for a signature only has the 64-bit key ID. We'd need a new issuer subpacket that contained the whole fingerprint.
> I am doing something similar - fixed the lowest 64 bits of p,q
> and generated random high bits until 2 primes are found.
> Even (or maybe divisible by 4) v4 keyids would need more
> patching or using something other than gpg for key generation.
Yes, that's what I'm doing, with a similar limitation around even numbered key IDs.
Gnupg-devel mailing list
Gnupg-devel [at] gnupg
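The key ID ambiguity discussed in this message, as an added example that is not part of the original post or of GnuPG's code: it derives V3 and V4 key IDs and fingerprints as RFC 4880 defines them, then flags any 64-bit key ID in a keyring that resolves to more than one fingerprint. The names `ambiguous_key_ids`, `N_A`, `N_B` and `KEYRING` are hypothetical, and the sample moduli are constructed integers, not real RSA keys.

```python
import hashlib
import struct
from collections import defaultdict

def mpi(n):
    """OpenPGP MPI: 2-byte bit count, then big-endian magnitude."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def v3_key_id(n):
    """V3 RSA key ID: low 64 bits of the public modulus (RFC 4880, 12.2)."""
    return (n & (2**64 - 1)).to_bytes(8, "big")

def v3_fingerprint(n, e):
    """V3 fingerprint: MD5 over the MPI bodies of n and e, without length octets."""
    return hashlib.md5(mpi(n)[2:] + mpi(e)[2:]).digest()

def v4_fingerprint(created, n, e):
    """V4 fingerprint: SHA-1 over 0x99, 2-byte length, public-key packet body."""
    body = b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()

def v4_key_id(created, n, e):
    """V4 key ID: low 64 bits of the fingerprint, all an issuer subpacket carries."""
    return v4_fingerprint(created, n, e)[-8:]

def ambiguous_key_ids(keyring):
    """Map each key ID held by more than one fingerprint to those fingerprints."""
    seen = defaultdict(set)
    for key_id, fpr in keyring:
        seen[key_id].add(fpr)
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}

# Constructed sample values: odd integers standing in for moduli, not real RSA keys.
N_A = (0xC0FFEE << 1000) | 0x0123456789ABCDEF
N_B = (0xDECADE << 1000) | 0x0123456789ABCDEF   # same low 64 bits as N_A
E = 65537

KEYRING = [
    (v3_key_id(N_A), v3_fingerprint(N_A, E)),
    (v3_key_id(N_B), v3_fingerprint(N_B, E)),
    (v4_key_id(1340000000, N_A, E), v4_fingerprint(1340000000, N_A, E)),
]

if __name__ == "__main__":
    for key_id, fprs in ambiguous_key_ids(KEYRING).items():
        print(key_id.hex().upper(), "->", [f.hex().upper() for f in fprs])
```

A keyring lookup that matches on the full fingerprint instead of the key ID returns exactly one key for each of the three entries.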