Debian crypto strength

Daniel Pocock daniel at
Thu Jun 27 11:24:52 CEST 2013

Some of the discussion in this bug seems relevant to the GnuPG and
GnuPG2 packages in Debian, but the bug is against the archive

Can anybody else make any comments:

a) should there be more effort to phase out SHA1?

b) how is it being approached upstream?  Is backwards-compatibility
still emphasized to the same extent?

c) should this become a general system-wide goal to audit and increase
crypto-strength in all parts of jessie / future Debian versions?

More information about the Gnupg-users mailing list