[DOCS-8622] Stop using 32-bit GPG key IDs Created: 17/Aug/16 Updated: 30/Aug/16 Resolved: 30/Aug/16 |
|
| Status: | Closed |
| Project: | Documentation |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Andrew Aldridge | Assignee: | Andrew Aldridge |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Days since reply: | 7 years, 26 weeks ago | ||||||||
| Story Points: | 0.25 | ||||||||
| Description |
|
Our Debian and Ubuntu installation instructions currently tell people to download keys based on their 32-bit key id. Key servers will serve the latest key matching the requested key id, and it is trivial to create key id collisions. I don't know if this would be an issue in practice, but let's just switch to the full GPG key fingerprint if possible. |