Key IDs are just a part of the fingerprint, last 8 hex digits of the full 160-bit one. That is, the 32-bit ID is "2A8E4C02" while the full hash is "67819B343B2AB70DED9320872C6464AF2A8E4C02". The problem is, as article shows, finding another SHA-1 hash that ends with the same digits is relatively easy.
Fortunately, as I've heard, there are no known (at least, no publicly known) second preimage attacks on SHA-1, so comparing whole hashes should be fine for a time being. But as I'M NOT A CRYPTOGRAPHER, please consult a cryptographer on this and take my words with a grain of salt.