Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reference Satoshi's PGP key by full fingerprint #3

Merged
merged 1 commit into from
May 17, 2013
Merged

Reference Satoshi's PGP key by full fingerprint #3

merged 1 commit into from
May 17, 2013

Conversation

petertodd
Copy link
Contributor

32-bit key ID's are too short to be secure.

One or more people who are trusted in the community who have actually had correspondence with Satoshi directly will need to ACK this first to make sure I really did get the right fingerprint.

You know, there is an argument to be made for those people signing Satoshi's PGP key too.

@petertodd
Reference Satoshi's PGP key by full fingerprint
fb70771 
32-bit key ID's are too short to be secure.
@vessenes
Copy link
Contributor

Gavin can check the long-form fingerprint.

Thanks Peter.

On Fri, Apr 26, 2013 at 4:11 PM, Peter Todd notifications@github.comwrote:

32-bit key ID's are too short to be secure.

One or more people who are trusted in the community who have actually had
correspondence with Satoshi directly will need to ACK this first to make
sure I really did get the right fingerprint.

You know, there is an argument to be made for those people signing

Satoshi's PGP key too.

You can merge this Pull Request by running

git pull https://github.com/petertodd/The-Bitcoin-Foundation-Legal-Repo master

Or view, comment on, or merge it at:

#3
Commit Summary

  • Reference Satoshi's PGP key by full fingerprint

File Changes

Patch Links:

https://github.com/pmlaw/The-Bitcoin-Foundation-Legal-Repo/pull/3.patch

https://github.com/pmlaw/The-Bitcoin-Foundation-Legal-Repo/pull/3.diff

Are you coming to Bitcoin2013 http://bitcoin2013.com in San Jose In May?

[image: CoinLab Logo]PETER VESSENES
CEO

*peter@coinlab.com * / 206.486.6856 / SKYPE: vessenes
71 COLUMBIA ST / SUITE 300 / SEATTLE, WA 98104

@ghost ghost assigned pmlaw Apr 29, 2013
@pmlaw
Copy link
Owner

pmlaw commented Apr 29, 2013

Thanks, I will add this to the agenda for our next board meeting so we can vote on this change. My sense is that we want to get it right and if Gavin and others can confirm we will merge.

@petertodd
Copy link
Contributor Author

Sounds good.

It's not a big issue, but I'd hate to see some silly hoax be pulled by someone making a fake PGP key with the same 32-bit keyid - why I also increasingly think Gavin and some others should sign Satoshi's key too as part of the process.

@gavinandresen
Copy link

ACK, that is the correct full fingerprint.

pmlaw pushed a commit that referenced this pull request May 17, 2013
Merge pull request #3 from petertodd/master
192d0b5 
Reference Satoshi's PGP key by full fingerprint
@pmlaw pmlaw merged commit 192d0b5 into pmlaw:master May 17, 2013
@mdhaze mdhaze mentioned this pull request Jul 22, 2014
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@pmlaw pmlaw

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@petertodd @vessenes @pmlaw @gavinandresen