On the advisability of stronger digests than SHA-1 in OpenPGP certifications

Werner Koch wk at gnupg.org
Sun Jun 29 12:23:18 CEST 2014

On Sat, 28 Jun 2014 15:22, dshaw at jabberwocky.com said:

> I put a limited workaround in GnuPG at the time - that's why the
> encryption key is always written to the card after the auth key (so
> the encryption key would always be the "newest".  Of course, that

I have noch checked by I assume that this does not work anymore because
at some point we started to create all keys with the same timestamp.

> didn't handle existing keys.  The real fix was needed in PGP, and it
> was fixed.
> David
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users

Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list