[Pkg-gnupg-maint] Bug#725679: gnupg: does not seem to honor preferred hash algos list of the key being signed
Werner Koch
wk at gnupg.org
Tue Oct 8 20:19:22 UTC 2013
On Tue, 8 Oct 2013 02:05, sanvila at unex.es said:
> to get reasonable defaults. Is SHA-1 a reasonable default for key
> signing?
It is the default becuase SHA1 one is a MUST algorithm for OpenPGP and
fingerprints are anyway compuyted using SHA1. SHA256 is not supported
by all OpenPGP implementations.
BTW, what is your threat model?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Pkg-gnupg-maint
mailing list