pgp: Key: Don't use short (8 chars) identifiers (!102) · Merge requests · GNOME / Passwords and Secrets

Niels De Graef requested to merge wip/nielsdg/dont-use-short-keyid into master Jan 10, 2020

Short key IDs (8 characters) are susceptible to collision attacks: it's quite easy to create a key with exactly the same short keyid. As such, start using the long key id (16 characters).

For more info, see:

https://evil32.com/
http://www.asheesh.org/note/debian/short-key-ids-are-bad-news.html

pgp: Key: Don't use short (8 chars) identifiers

Merge request reports