Security doubts on 3DES default

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Tue Mar 14 00:57:16 CET 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



On Monday 13 March 2017 at 11:02:48 PM, in
<mid:8a90f560-88f0-c3c8-4598-78080966d743 at sixdemonbag.org>, Robert J.
Hansen wrote:-

> I don't
> know how you'd
> come up with a real-world case where you'd need a
> common hash algorithm
> set for signing purposes.

GnuPG presumably has a reason for defaulting to SHA-1 signatures on a
lot of the messages encrypted to the 30 members' keys on PGPNET. Some
people whose PGPNET group messages have SHA-1 signatures report that
non-group messages they sign and encrypt have SHA-256 signatures.

For what its worth, forcing SHA-256 signatures with a "digest-algo"
line in gpg.conf doesn't cause anybody to shout that there is a
problem. But GnuPG says "gpg: WARNING: forcing digest algorithm
SHA512 (10) violates recipient preferences".

- --
Best regards

MFPA                  <mailto:2014-667rhzu3dc-lists-groups at riseup.net>

After all is said and done, a lot more will be said than done.
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQQzrO1O6RNO695qhQYXErxGGvd45AUCWMcx3V8UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNB
Q0VENEVFOTEzNEVFQkRFNkE4NTA2MTcxMkJDNDYxQUY3NzhFNAAKCRAXErxGGvd4
5IjuAP9TeNXQReTgAda3IoJYh4b5RzgZMcRR3oILvKAlVo0RFQEA2safGRSwmmHg
b9JMcHEtCHNmR25N1JFouT+Oyj3YIQ2JAZMEAQEKAH0WIQSzrn7KmoyLMCaloPVr
fHTOsx8l8AUCWMcx3V8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0QjNBRTdFQ0E5QThDOEIzMDI2QTVBMEY1NkI3
Qzc0Q0VCMzFGMjVGMAAKCRBrfHTOsx8l8ObICACA4cPYiqk9XkUIy0CNV5BMo4yr
lLw6O9zYh2CQnC5k0A1xnVPDg3ZQLZKufuTP2DUuglKk7f5aEosGkDgm7ukQm8Il
Xkx1Nm7kULTDSZwW0YAXu3IswI8pyUZIyztHps3RYzT2iRVJp2p0P3OJjHTCdfIe
+nLImyOKHV442nd7ylIqbFZ0431O/KWqwFF+OSsg0VJZo0x+mAm0IY6RQuvf3DIO
90BMdh9KmPPeMd2Hm2/x5qN/p/gQhW9xWs1PH1vkDp7dM0OPUMlR4WZCbECPmLuD
MewuH8XK9nG478Z1TFjH8sS2XuDWp0H32C77tkrERAMX3WM/snH7k30pQN+u
=HUGl
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list