OpenPGP Applet should display key creation time instead of key ID
In the public key encryption interface of OpenPGP Applet, the keys are listed displaying the short hex key ID.
It doesn’t really matter since it’s not involved in fetching keys or the like, but it’s good practice to always use the long hex keyid.
If only for the sake of consistency, OpenPGP applet should diplay long IDs too.
That said, long keyids are unsafe too (though a bit less so than short ones). Maybe we shouldn’t display them at all and only show fingerprint ?
Related to Tails -
#3 Updated by nodens 2017-11-06 20:44:42
- Type of work changed from Discuss to Code
This ticket was discussed during the monthly meeting (November 2017).
Here is a summary of the discussion / decision:
- It’s not used for key verification, only disambiguation.
- user should not rely on id for verification (any id).
- seahorse-tool show short key id
- Fingerprint here would be confusing.
Since seahorse-tool show short key id, we should stick with that, or, preferably, display no id at all. Then we would show the key creation date for disambiguation.
#5 Updated by nodens 2018-02-25 18:56:38
- Status changed from Confirmed to Resolved
OpenPGP applet is moving to its new home on https://salsa.debian.org/openpgp-applet-team/openpgp-applet
This issue has been duplicated upstream: https://salsa.debian.org/openpgp-applet-team/openpgp-applet/issues/10
I’m closing this one. Feel free to comment on the upstream link!
You will need an account on Salsa. If you don’t have one already, you can create one on https://signup.salsa.debian.org/.