Accidentally used SHA1

Cannon cannon at
Fri Jul 1 18:45:42 CEST 2016

I accidentally messed up. Used the wrong gpg.conf when generating a
signature on a message. The incorrect config was used causing my message
to be signed using SHA1 instead of SHA512. I did not realize this until
after message was already irreversibly published.

Does using SHA1 in past make my key less secure or does this only make
the signed message more prone to collision instead of key leak?

More information about the Gnupg-users mailing list