having trouble checking the signature of a downloaded file
Kristian Fiskerstrand
kristian.fiskerstrand at sumptuouscapital.com
Thu Feb 22 23:44:29 CET 2018
On 02/22/2018 11:13 PM, Kristian Fiskerstrand wrote:
> On 02/22/2018 11:03 PM, Henry wrote:
>> 2018-02-21 20:56 GMT+09:00 Kristian Fiskerstrand
>> <kristian.fiskerstrand at sumptuouscapital.com>:
>>> On 02/21/2018 11:53 AM, Peter Lebbing wrote:
>>> Touché :) Indeed, didn't notice it was an old file/signature , then
>>> gnupg 1.4 is the recommended official suggestion presuming established
>>> validity of key material etc etc.
>> gpg (GnuPG) 1.4.22 does give more information, but no success; see
>> below. May I assume that nothing
>> can be done other than to request the author to remedy the situation?
>> Thanks all.
>>
> --allow-weak-digest-algos
> Signatures made with known-weak digest algorithms are normally
> allows the verification of signatures made with such weak algorithms.
> MD5 is the only digest algorithm considered weak by default.
>
That was truncated;
.B --allow-weak-digest-algos
Signatures made with known-weak digest algorithms are normally
rejected with an ``invalid digest algorithm'' message. This option
allows the verification of signatures made with such weak algorithms.
MD5 is the only digest algorithm considered weak by default. See also
\fB--weak-digest\fR to reject other digest algorithms.
--
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP keyblock at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Varitatio delectat
Change pleases
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180222/52886488/attachment.sig>
More information about the Gnupg-users
mailing list