Security doubts on 3DES default

Robert J. Hansen rjh at
Thu Mar 16 01:44:41 CET 2017

> --weak-digest SHA1 --disable-cipher-algo 3DES

Yeah, but that's ... *bad*.  Breaks most of the Web of Trust, makes most
cert sigs meaningless, removes the fallback cipher ... I think this is a
great example of a cure worse than the disease.  :)

Phil Pennock made a post a bit ago detailing his experiment with
disabling SHA1.  It was informative, to say the least.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20170315/a83870d9/attachment.sig>

More information about the Gnupg-users mailing list