On Sat, Dec 29, 2007, Jeff Johnson wrote:

>>> [...]
>>> Do you really need key fingerprint checking?
>>
>> Yes, indeed. Sorry, but this is really essential and also the reason
>> why I added fingerprint checking for gnupg() yesterday. One could
>> "rpm --import" arbitrary pubkeys or even overwrite the pubkey on the
>> filesystem, so it is actually *essential* to not just check whether
>> a pubkey matched, but also to check the fingerprint of this signing
>> pubkey to make sure something was signed by the *right* key.
>
> Whoa!
>
> The issue is whether a full 160 bits of SHA1 "key fingerprint" or just
> the least significant 64 bits of "key id" need to be compared.
>
> Adding additional complexity to compare the full fingerprint to avoid
> possible collisions in a 64bit space is what is being discussed, not
> whether any random pubkey will do.
> [...]

Ah, sorry, now got it. Hmmm... well, in practice the last 64bit might be
ok, of course. OTOH I can imagine that people will argue that this too
weak in the long-term. So, I would say, implement the 64-bit checking
*now* and if it adds too much code complexity suspend the full 160-bit
check for RPM 5.1. For me personally it is just important to be able
to do fingerprint checking at all. If it is strong, very good. If
it is weaker it is nevertheless still better than not checking the
fingerprint at all.
                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com