On Feb 15, 2011, at 11:44 PM, Robert J. Hansen wrote: > On 2/15/11 11:35 PM, Daniel Kahn Gillmor wrote: >> Long-form keyIDs (of the form 0xDECAFBADDEADBEEF) are significantly >> harder to spoof, but easily within reach of a well-funded organization. > > IIRC, Jon Callas says an accidental long-ID collision has occurred. I > don't recall the details. Still, the point is that collisions don't > just happen by deliberate attack.
One of the engineers working on PGP had generated a key and the keyserver had rejected it as non-unique. Unfortunately, the engineer chucked the key and made a new one... http://www.mailinglistarchive.com/html/[email protected]/2011-01/msg00027.html David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
