[pkg-gnupg-maint] Bug#824084: gnupg defaults to SHA1 certifications
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Thu May 12 05:32:31 UTC 2016
Package: gnupg
Version: 1.4.12-7
Severity: important
Control: fixed -1 2.1.11-7+exp1
gnupg 2.x defaults to making signatures and certifications with
sha256, and has for quite some time; i know of no problems with that
decision today (it's 2016!).
We should update gnupg 1.4.x's default digest algorithm to SHA256 as
well, possibly even in stable for the next point release.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20160512/d40339c6/attachment.sig>
More information about the pkg-gnupg-maint
mailing list