Blog

Viewing posts from May, 2009

Re: HOWTO prep for migration off of SHA-1 in OpenPGP

Daniel says that we should move away from SHA1 by switching hash algorithms for signatures and generating keys that use at least SHA256 from SHA-2 family. I have been bitten by non-default GPG options before. So I propose that we do a security release of GPG that changes the defaults of key generation and key signing in such ways that SHA-1 algorithms are not used by default for any operation, unless a backwards compatibility option is used.

Recent Posts

Archive

2017
2016
2015
2014
2013
2012
2011
2010
2009
2008
2007
2006
2005

Categories

Authors

Feeds

RSS / Atom