[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [openpgp] New fingerprint: to v5 or not to v5



On Fri, 18 Sep 2015 00:05, vedaal@xxxxxxxxxxxx said:
> would probably also become viable for subkeys as well, and it might be
> possible for an attacker to generate a subkey with a collision for the
> cross-certifying signature, and be able to graft a false subkey onto a

You mean the back signatures (Primary Key Binding Signature), right?
They are done directly on the key material and not on the fingerprint.
Thus back signatures can be updated to SHA-256 without problems.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

_______________________________________________
openpgp mailing list
openpgp@xxxxxxxx
https://www.ietf.org/mailman/listinfo/openpgp