I would like to tell the recipients of my emails that I use GnuPG. To do so, I would simply put a line "GnuPG key 0x14102F.." under my address in the email's signature. However, I often see people also giving a fingerprint. Is this a good idea? I don't see any reason for it. If a recipient has my key ID, (s)he can go to a keyserver, download my public key, and use it for verifying my signed and/or encrypted messages. So why would one need a fingerprint? I was wondering what 'good practice' is.
Actually, I found that giving only the fingerprint is the desired method; see http://lists.gnupg.org/pipermail/gnupg-users/2009-January/035204.html. It also contains the key ID, so that information does not have to be provided separately. The issue of the key ID not being unique is raised in several places, for example http://www.asheesh.org/note/debian/short-key-ids-are-bad-news.html. Strictly speaking, the fingerprint is also not unique, but it is very unlikely that it isn't.
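The two points above, that the fingerprint already contains the key ID and that a short key ID is not unique, follow directly from how OpenPGP v4 fingerprints are built (RFC 4880, section 12.2): the fingerprint is SHA-1 over the public-key packet, the long key ID is its low 64 bits and the short key ID its low 32 bits. The following is an added example, not code from the post or from GnuPG. It derives a fingerprint and both key IDs from a constructed RSA public-key packet (the modulus `DEMO_N`, exponent and creation time are made up for the demo and are not a real key), and then runs a birthday search over the 32-bit short ID to show how quickly two different keys share one.

```python
"""OpenPGP v4 fingerprint and key-ID derivation (RFC 4880 s.12.2), with a
short-key-ID collision search. Added example; DEMO_* values are constructed."""
import hashlib
import struct


def mpi(value: int) -> bytes:
    """Encode an integer as an OpenPGP MPI: 2-byte bit length, then big-endian bytes."""
    nbytes = (value.bit_length() + 7) // 8
    return struct.pack(">H", value.bit_length()) + value.to_bytes(nbytes, "big")


def rsa_public_key_packet_body(n: int, e: int, created: int) -> bytes:
    """Body of a v4 RSA public-key packet: version 4, creation time, algorithm 1 (RSA), n, e."""
    return b"\x04" + struct.pack(">I", created) + b"\x01" + mpi(n) + mpi(e)


def v4_fingerprint(body: bytes) -> str:
    """v4 fingerprint: SHA-1 over 0x99, two-byte body length, body; 40 upper-case hex digits."""
    data = b"\x99" + struct.pack(">H", len(body)) + body
    return hashlib.sha1(data).hexdigest().upper()


def long_key_id(fpr: str) -> str:
    """Long (64-bit) key ID is the last 16 hex digits of the fingerprint."""
    return fpr[-16:]


def short_key_id(fpr: str) -> str:
    """Short (32-bit) key ID, as in '0x14102F..', is the last 8 hex digits."""
    return fpr[-8:]


def format_fingerprint(fpr: str) -> str:
    """Group into blocks of four, the way gpg --fingerprint prints it."""
    return " ".join(fpr[i:i + 4] for i in range(0, 40, 4))


# Constructed demo key material: not a real RSA modulus, just deterministic bytes.
DEMO_N = int.from_bytes(
    b"not a real RSA modulus, constructed for this example".ljust(128, b"\x42"), "big")
DEMO_E = 65537
DEMO_CREATED = 1231200000  # arbitrary Unix timestamp (January 2009)


def demo_fingerprint() -> str:
    """Fingerprint of the constructed demo key."""
    return v4_fingerprint(rsa_public_key_packet_body(DEMO_N, DEMO_E, DEMO_CREATED))


def find_short_id_collision(max_keys: int = 500_000):
    """Birthday search over the 32-bit short key ID.

    Keeps the demo modulus fixed and varies only the creation time, so every
    iteration is a distinct (but deliberately fake) key. With a 32-bit ID a
    collision is expected after roughly 2**16 keys; this is the same bound that
    makes colliding short IDs cheap to manufacture. Returns (fpr_a, fpr_b) of
    two keys sharing a short ID, or None if none is found within max_keys.
    """
    seen = {}
    for created in range(max_keys):
        fpr = v4_fingerprint(rsa_public_key_packet_body(DEMO_N, DEMO_E, created))
        sid = short_key_id(fpr)
        if sid in seen:
            return seen[sid], fpr
        seen[sid] = fpr
    return None


if __name__ == "__main__":
    fpr = demo_fingerprint()
    print("fingerprint :", format_fingerprint(fpr))
    print("long key ID : 0x" + long_key_id(fpr))
    print("short key ID: 0x" + short_key_id(fpr))
    pair = find_short_id_collision()
    if pair:
        print("two distinct keys with short ID 0x%s:" % short_key_id(pair[0]))
        for p in pair:
            print("  ", format_fingerprint(p))
```

Because the short ID is literally the tail of the fingerprint, a signature line carrying the full fingerprint gives a correspondent everything `gpg --recv-keys` needs and still lets them check the downloaded key against all 160 bits, whereas a keyserver lookup by the 8-digit ID alone can return several unrelated keys.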