laying groundwork for an eventual migration away from SHA1 with gpg
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed May 6 07:38:53 CEST 2009
Hi gpg folks--
In the interest of building a web of trust that is not reliant on SHA-1
sometime in the future, i've posted some initial suggestions in the form
of a HOWTO for debian users and developers to my blog:
http://www.debian-administration.org/users/dkg/weblog/48
The goal of the piece is to outline a few practical steps that
relatively skilled users can take to lay the groundwork for an
environment in which we can effectively deprecate SHA1 in the future
without cutting everyone off from each other.
I've tried to clarify the potential gravity of the situation without
sensationalizing it, and i've tried to provide concrete, non-disruptive
things for reasonable people to do in the present that will prepare for
a smoother transition in the future. The blog post should be aggregated
on http://planet.debian.org/ by now, so i'm hoping DDs (who tend to be
well-connected in the WoT) will read it.
I welcome any feedback, comments, and corrections.
Thanks for all your work on this stuff,
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090506/afbd58e3/attachment.pgp>
More information about the Gnupg-devel
mailing list