Opened 4 years ago
Closed 4 years ago
#1874 closed defect (fixed)
PGP key identification is unsafe
Reported by: | Nick | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | undecided |
Component: | apps/syndie | Version: | 0.9.27 |
Keywords: | install | Cc: | |
Parent Tickets: | Sensitive: | no |
Description
The syndie download page <http://www.syndie-project.net/download.html> identifies the signature key as '0xDF0A0A1A'.
According to <http://www.asheesh.org/note/debian/short-key-ids-are-bad-news.html> this form of key identification is unsafe.
Please instead use the long key id format.
Subtickets
Note: See
TracTickets for help on using
tickets.
Hi!
new zzz signing key was noted in long format on syndie project page.
echelon