Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Re: Should PGP keys be made mandatory for high ranks?
by
Carlton Banks
on 02/03/2019, 14:53:12 UTC
Quote from: hacker1001101001 on March 02, 2019, 02:25:55 PM
this was already suggested by OgNasty to theymos, and theymos thinks PGP keys are insecure and it needs a revision.

Quote from: theymos on February 25, 2019, 10:01:01 PM
Quote from: OgNasty on February 25, 2019, 09:56:21 PM
I’ve long thought there should be a spot for PGP fingerprint.

PGP fingerprints are SHA-1, which is insecure. The OpenPGP standard really needs a complete new revision...

hmmm, that means spoofing fingerprints is fairly trivial. Awkward.