X-Git-Url: https://git.sthu.org/?a=blobdiff_plain;f=caff%2FREADME.many-keys;h=235a6e27c27c6876d2e5565009b0422b0ae12bc8;hb=f9449cd821679a147cf3e81bb63f0dab902fe955;hp=5d5c2f2301d02dd31ea8edd9e89a059a5481eb14;hpb=447dfe626aa5d4cb26c2e04fc55812e5214fc2a3;p=pgp-tools.git diff --git a/caff/README.many-keys b/caff/README.many-keys index 5d5c2f2..235a6e2 100644 --- a/caff/README.many-keys +++ b/caff/README.many-keys @@ -19,11 +19,16 @@ Some hints to get the signing done faster: V3 keys (pgp 2.6x keys) are deprecated. Not only do they rely on md5 for their fingerprint and signatures, they also use the patented IDEA algorithm - for encryption. Many people (like caff's author) refuse to sign v3 keys - these days. + for encryption. Also, there are several attacks that make creating new keys + with the same keyid trivial. Others make it possible to create different + keys with the same fingerprint (tho the key will not actually contain valid + RSA parameters). - If you want to sign v3 keys, sign v3 separately. Batch processing does not - work. See README.v3-keys. + Because of these problems a lot of people (like caff's author) refuse to sign + v3 keys these days. + + If you still want to sign v3 keys, sign v3 separately. Batch processing does + not work. See README.v3-keys. * Use multiple passes.