Can I see the checksum when I sign/verify a file?
dshaw at jabberwocky.com
Thu May 4 19:07:04 CEST 2006
On Thu, May 04, 2006 at 09:34:55AM -0600, Phil Helms wrote:
> Why not use MD5?
MD5 is deprecated in OpenPGP. The current OpenPGP draft says:
* The MD5 hash algorithm has been found to have weaknesses, with
collisions found in a number of cases. MD5 is deprecated for
use in OpenPGP. Implementations MUST NOT generate new signatures
using MD5 as a hash function. They MAY continue to consider
old signatures that used MD5 as valid.
More information about the Gnupg-users