moin moin,

we've known that collisions could happen on short key ID for pgp/gpg, now
we have some collisions in the wild and at least one tool is using short
key IDs to find (un)trust(worthy) paths between keys.

http://gwolf.org/node/4070

SCaLE uses the full fingerprint for key-signing parties. PLUG does as
well. In my experience that's always been expected.

Adjust your config to make sure WoT checks also use full fingerprint.

ciao,

der.hans
-- 
#  http://www.LuftHans.com/        http://www.PhxLinux.org/
#  "Just because it can be exploited doesn't mean it's a weakness" -- der.hans
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss