Re: Ideas please




Kristian Gjøsteen wrote:
> Do you know what happens if you add a new public key to your key ring
> with the same key id? (Intuitively, I'd be more comfortable with a
> fingerprint here, but I don't know if key id only is bad.)

The 32-bit (8 hex digit) key ID is only used as a mnemonic for the full
key fingerprint. Actually, the key IDs in common use now are only the
latter half of what was originally a 64-bit ID (which is itself just the
last 64 bits of the 160-bit fingerprint in V4 keys). But even that ID
isn't treated as unique. From RFC 2440:

   3.3. Key IDs

      A Key ID is an eight-octet scalar that identifies a key.
      Implementations SHOULD NOT assume that Key IDs are unique. The
      section, "Enhanced Key Formats" below describes how Key IDs are
      formed.

The minimum representation of a key that is ever (correctly) treated as
unique is the fingerprint--so collisions aren't a terribly significant
concern.

As for encrypting things to yourself: You can avoid ambiguity by
specifying your own e-mail address instead of your own key (GnuPG will
let you use either) or specifying the key ID in 64-bit form. If you're
using PGP from a mail client, this isn't a concern; when you set
"encrypt to self" it is aware of your full key, which would avoid
ambiguities altogether.

PSM
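
The relationship described in this message, as an added example that is not part of the original post: a V4 fingerprint computed as RFC 2440's "Key IDs and Fingerprints" section specifies, the 64-bit and 32-bit key IDs taken from its tail, and a keyring lookup that refuses an ambiguous match. The function names, the toy key material and the second fingerprint (built to share the short ID) are constructed assumptions.

```python
import hashlib
import struct

def mpi(n: int) -> bytes:
    """OpenPGP multiprecision integer: 2-octet bit count, then big-endian bytes."""
    return struct.pack(">H", n.bit_length()) + n.to_bytes((n.bit_length() + 7) // 8, "big")

def v4_fingerprint(body: bytes) -> bytes:
    """SHA-1 over 0x99, the 2-octet body length, and the public-key packet body."""
    return hashlib.sha1(b"\x99" + struct.pack(">H", len(body)) + body).digest()

def long_key_id(fpr: bytes) -> str:
    return fpr[-8:].hex().upper()   # low-order 64 bits of the fingerprint

def short_key_id(fpr: bytes) -> str:
    return fpr[-4:].hex().upper()   # latter half of the 64-bit ID

def find_keys(keyring, ident: str):
    """Return every fingerprint whose trailing hex digits match ident."""
    wanted = ident.replace(" ", "").upper()
    if len(wanted) not in (8, 16, 40):
        raise ValueError("expected 8, 16 or 40 hex digits")
    return [f for f in keyring if f.hex().upper().endswith(wanted)]

def select_unique(keyring, ident: str) -> bytes:
    """Hypothetical policy: never pick a key silently when the ID is ambiguous."""
    matches = find_keys(keyring, ident)
    if len(matches) != 1:
        raise LookupError(f"{ident}: {len(matches)} keys match; use the full fingerprint")
    return matches[0]

# Constructed sample data: a V4 RSA public-key packet body with a toy modulus
# (version 4, creation time, algorithm 1 = RSA, then the MPIs n and e).
BODY = b"\x04" + struct.pack(">I", 1162000000) + b"\x01" + mpi((1 << 511) | 0x10001) + mpi(65537)
FPR_A = v4_fingerprint(BODY)
# Constructed stand-in for a second key that shares only the 32-bit key ID.
FPR_B = bytes(b ^ 0xFF for b in FPR_A[:16]) + FPR_A[-4:]
KEYRING = [FPR_A, FPR_B]

if __name__ == "__main__":
    print("fingerprint:", FPR_A.hex().upper())
    print("64-bit ID  :", long_key_id(FPR_A))
    print("32-bit ID  :", short_key_id(FPR_A))
    print("matches for 32-bit ID:", len(find_keys(KEYRING, short_key_id(FPR_A))))
    print("matches for 64-bit ID:", len(find_keys(KEYRING, long_key_id(FPR_A))))
```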



