No support of long key_id or full fingerprint
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Duplicity |
New
|
Undecided
|
Unassigned |
Bug Description
Tried using the full fingerprint as recommended by gnupg: 'The use of key Ids is just a shortcut, for all automated processing the fingerprint should be used. ' [1] But that failed, same for using the long keyid.
Error: Sign key should be an 8 character hex string, like 'AA0E73D2'.
Error: Received '60DEADBEEF29E89B' instead.
Relying on the short keyid is a bad idea, they can be easily spoofed [2]. Long keyids can also relatively easy collide [3] and they can cause serious side effects. [4] I haven't tested what happens when there are colliding fingerprints.
It'd be nice if we can make use of full fingerprints.
I have tried to look at where the looks of a key are tested but got a bit lost.
[1] https:/
[2] http://
[3] http://
[4] https:/