@ladams@gs.sdf.org You're not using a mere 4 octets to identify a GnuPG key, are you? Recently I learned that short keyID collisions are now trivial to create, and the keyservers are full of fake short keyIDs. Please check out https://lkml.org/lkml/2016/8/15/445 and https://news.ycombinator.com/item?id=12296974 !crypto !GnuPG /cc @thomask@gs.sdf.org
@brandoninvergo @kat https://lkml.org/lkml/2016/8/15/445 https://news.ycombinator.com/item?id=12296974
Fake Linus Torvalds' #Key Found in the Wild, No More #Short-IDs . http://qttr.at/1fwl !privacy !linux #gpg