[openpgp] SHA-2 support should be mandatory – change defaults
Werner Koch
wk at gnupg.org
Mon Aug 11 23:58:07 CEST 2014
On Mon, 11 Aug 2014 19:31, johanw at vulcan.xs4all.nl said:
> Fixing the packet order when --pgp2 or --rfc1991 are used would help a
Too complicated and breaks too much.
> lot. And now I assume that pgp 2 will not pass away before the
It is quite funny that some people here demand a ban of SHA-1 while some
still believe MD5 (pgp 2) is a safe choice. MD5 has been broken; it is
easy to compute collisions and there are theoretical pre-image attacks.
SHA-1 has for now only a theoretical collision attack. Please get rid
of your old pgp 2 stuff - you can't trust the signature anymore.
Shalom-Salam,
Werner
--
Thoughts are free. Exceptions are regulated by a federal law.