signatures, key ids etc.
David Shaw
dshaw at jabberwocky.com
Thu Jul 7 23:47:30 CEST 2005
On Wed, Jul 06, 2005 at 10:59:46PM +0100, Nicholas Cole wrote:
> As I read 2440 (and the output of gpg), only the Key
> ID of the key that signed a key is stored with the
> signature. The chance of two keys with the same ID is
> lower than the chance of two with the same
> fingerprint, so I was wondering why the fingerprint
> was not stored.
History. Way back when, only the key ID was stored.
> Is there any way that a user would be able to tell, in
> the theoretical case that two keys with the same ID
> were on his keyring, which had made a signature?
Sure - it'll only verify correctly with one of them :)
David
More information about the Gnupg-devel
mailing list