Sebastian Reichel, on Wed 10 Aug 2016 07:14:09 +0200, wrote: > On Wed, Aug 10, 2016 at 12:47:43AM +0200, Samuel Thibault wrote: > > As a late follow-up of the gpg key collision thread from debian-private > > (but posted on debian-devel, there is nothing private here, I prefer to > > see this information publicized actually): > > > > € gpg --search-key samuel.thiba...@gnu.org > > ... > > (1) Samuel Thibault <samuel.thiba...@gnu.org> > > 4096 bit RSA key 7D069EE6, created: 2014-06-16 > > (2) Samuel Thibault <samuel.thiba...@gnu.org> > > 4096 bit RSA key 7D069EE6, created: 2010-09-14 > > > > So somebody *does* try to fake my gpg key too... > > Looks like somebody uploaded the evil32 (https://evil32.com/) > data to public keyservers.
Not all of evil32 apparently, there is not 6E520E81EA52ECF4 on pgp.mit.edu for instance. Just looking at the people I've signed, something like 1/4 of their clones have been uploaded. Samuel
