On the advisability of stronger digests than SHA-1 in OpenPGP certifications [was: Re: riseup.net OpenPGP Best Practices article]

Robert J. Hansen rjh at sixdemonbag.org
Thu Jun 26 23:45:01 CEST 2014

On 6/26/2014 2:25 PM, Daniel Kahn Gillmor wrote:
> If you know of a modern OpenPGP implementation that supports SHA-1 but
> not SHA-256 or SHA-512, please point it out (and no, creating one just
> to be able to point to it doesn't count :P)

PGP 8.x, which is still in use today by a surprising number of people,
has limited support for SHA-256 and none at all for SHA-512.

More information about the Gnupg-users mailing list