why is SHA1 used? How do I get SHA256 to be used?
Werner Koch
wk at gnupg.org
Thu Jul 12 16:16:58 CEST 2012
On Wed, 11 Jul 2012 22:55, nicholas.cole at gmail.com said:
> But one thing that might be helpful to explain is this: what needs to
> be in the V5 key format aside from the change in fingerprint hash?
> Aside from that issue, the V4 key format seems to have been resilient.
> What are the other issues that need to be addressed?
We need to check the WG archives for a list. What I can remember are:
- A new fingerprint scheme
- A hard (non-changeable) expiration time
- A different way to express timestamps (Y2038 annoyance and the hard
Y2106 problem). An 8601 timestamp string should do.
- Get rid of the old and optional protection schemes or even switch to a
modern standard one.
There are related things we need to change for signatures packets. It
might also be a good time to replace PKCS#1.5,
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users
mailing list