On the advisability of stronger digests than SHA-1 in OpenPGP certifications [was: Re: riseup.net OpenPGP Best Practices article]

[Kristian Fiskerstrand]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/27/2014 10:24 PM, John Clizbe wrote:
> Kristian Fiskerstrand wrote:
>> On 06/27/2014 03:54 PM, shmick at riseup.net wrote:
>> 
>> 
>>> Robert J. Hansen:
>>>> On 6/26/2014 5:57 PM, Daniel Kahn Gillmor wrote:
>>>>> PGP 8 was released over a decade ago, that's hardly a
>>>>> modern implementation:
>>>> 
>>>> And yet, it still conforms (largely) to RFC4880.  Methinks 
>>>> you're objecting because it's a largely-conforming
>>>> implementation that doesn't have good support for SHA256.
>>>> ;)
>>>> 
>>>>> In what ways is its support for SHA-256 limited?  I'm
>>>>> having a hard time finding documentation for it.
>>>> 
>>>> If I recall correctly, it can understand SHA-256 but not 
>>>> generate SHA-256.  SHA-256 generation support was added late
>>>> in the 8.x series, but earlier 8.x releases could understand
>>>> it.
>>>> 
> 
> That is as I remember it, Rob. I don't recall if there was a
> difference between 8.0 and 8.1 with respect to SHA-256. JM3
> probably would.

My recollection is that SHA256 was added read-only in 8.1


- -- 
- ----------------------------
Kristian Fiskerstrand
Blog: http://blog.sumptuouscapital.com
Twitter: @krifisk
- ----------------------------
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
- ----------------------------
Veni vidi velcro
I came, I saw, I got stuck
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJTrd1tAAoJEPw7F94F4TagqMMP/3AZUe8laiv/P83Za9qlyyy0
9eh4VJNQI5VeeUMvabl9MyUP6eY8RzZcMfTod12NlQy3+Y1aprWtSisUNnWK/6MV
7mnF1iCPZaynhIa5qdU0D/jeczLT7XTXPX5ReZjE+xCWk6lRynHr+owwF6S0YalS
qgUz6Cnem2EqXuzl/rQeLRSc9nijGVyTuk/YHJTQ1ykHCC+8h5G4ZgzHG2EwiyJc
FC6V3JqtoWmn4Pv0nxQW/JFR6z8a7/kINFqeQ0eUUyQY0C9/EuckVSTch8ZpYVZn
oWaF2b2lTuR0JkfcHpyPmRxhk8wBaeJkt+zrpIa6Xq3ssXhbnGSnTk43NuOsMGf+
JdzQePG+9iU/f9VmZhHGpyDvSKYgY3avAQ3n192fVFxMDvv3ruPAytZz/zUAR7IA
c2bOPrQ2qo8nrZAY7SptXsIvEcXujLXSVwFsPQMWBeqAXh01y4gAgcxW/DGaeitD
AwWYyg453EBsLkgnUXM5O6Ry+KbP0Z8J7QqyIFsdCjamVq5Q7UCZC5WpIa0KMIx6
B/4hI8oLwJDtZmMzKeu6tquLD/wWJwz3w2U1Mu5gijDBdyrhH0UF2MdABCi8Yx60
lGCT4hxv0du4R53p+dQj1Y5GvLtrc5ugQygbcmiY3j01EwmIX3iOOypqvnlzUx+p
qvXHhqO4irBA5jO0rsI3
=LgOx
-----END PGP SIGNATURE-----