Get Gentoo! |
You've probably read (or should)
which describes why using short gpg key ids is insecure.
Note it's about IDs, i.e. 0x30427902 vs. 0xB9442D9430427902 (it's short
and long ID of my current key), not the keys themselves. That means no
need to change keys, just change the way we display them on web pages
and possibly in other places.
What do you think? Should I file a bug to convert e.g.
http://www.gentoo.org/proj/en/devrel/roll-call/userinfo.xml ? Or do we
only have short key IDs in LDAP, which would require everyone to submit
the full ID?
Updated Jun 18, 2012
Archive of the gentoo-project mailing list.
Donate to support our development efforts.
Your browser does not support iframes.