Better way to ID keys

Werner Koch wk at isil.d.shuttle.de
Mon May 31 10:29:30 CEST 1999


Jason Gunthorpe <jgg at ualberta.ca> writes:

> The poster describes a mechanism that can be used to spoof a key finger
> print and a key ID but indicates that spoofing the fingerprint, key ID and

This is quite old news.  And I think the keysigning party FAQ
explictyely says that you have to compare more than justthe
fingerprint.  The problem exists only with v3 keys (and that is in
nearly all cases a RSA key).  OpenPGP and the v4 keys addresses this
and other problems;  This is one of the reasons why RSA keys are
depreciated and if we put RSA back after sep 2000 they will go into
v4 packets of course.

Please note that the key ID of a v4 key are the lowest 64 bits of the
fingerprint.

> So, assuming that is not just some horrible prank - could I ask that the
> status-fd output contain not only the key fingerprint but it's type, and

Hmmm.

> it's size. Furthermore, I would like it if there was a nice standard way
> to give GPG an exact key specfication involving all relevent portions and
> have it use that exact key.

The fingerprint is used all over the system as the unique key
identifier.

> This way I could specify the key to --recipient with assurance that it
> precisly matches the one in my database. (In effect we maintain a seperate
> global trust database for our keys, all the keys in that list are assured 
> to be Debian Developer keys)

Well I think it is better t amke sure that either the key IDs in the
Debian keyring are unique (which is not required by OpenPGP) or that
the finperprints are unique.

> Even if that posting isn't true it would be nice to have all that
> information in the status-fd for completeness. (Just size and type are

Okay.

> My only other concern is that GPG uses the key fingerprint as an index for
> it's gdbm keyring (I choose to use it as well because of that) will this
> lead to problems if someone malliciously collides fingerprints?

You can also create faked key IDs (watch out for 0xdeadbeef key ID on
the keyservers) and the key ID is quite importand as it is used to
specify the used key.

We need the fingerprint to identify a key (the key ID may have
collissions).  IIRC there is an addtional check in the gdbm keyring
code mitch matches the key material and not only the fingerprints
(which are used as index) and if they don't mathc  gpg should cry
load. 


-- 
Werner Koch at guug.de           www.gnupg.org           keyid 621CC013



More information about the Gnupg-devel mailing list