please change the default hashing algorithm

Robert J. Hansen rjh at
Tue Jul 14 22:25:19 CEST 2015

> course, the switch will happen, but it might be slow.  Perhaps GPG 
> could give users better guidance that they ought to be using Curve 
> 25519 rather than the vulnerable NIST or brainpool curves.  (I'm

"Vulnerable" NIST or Brainpool curves?

I'm unaware of any attack against either NIST or Brainpool curves.  If I
missed something, I'd love to know about it.

If this is about hypothetical or conjectured risks, then you should say
that instead.  "Vulnerable" is the sort of language we use to describe
SHA-1 -- the risk is real, we're seeing attacks getting better over
time, and so on.  To my knowledge, that isn't the case for NIST or

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150714/1423d5d1/attachment.sig>

More information about the Gnupg-devel mailing list