-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Thu, Apr 25, 2013 at 11:47:49PM -0400, Robert J. Hansen wrote:
> A preimage attack on SHA-1 is my house being on fire: avoiding SHA-1 for > self-signatures is making sure to turn off the coffeepot. While I agree with what you're saying, the big difference between this situation and your example is that it's trivially easy for me to say "use this digest method instead of this other one" and then forget about it. The coffee pot will take care of itself. The question becomes invisible to me as soon as I've set the default, and if the effort is so low to do it, I don't see any real reason *not* to do it. Security is about nudging up the bar. Now, that said, I still don't understand why I was seemingly unable to change the digest algorithm I'm using for my old key. I'd be grateful if someone could enlighten me on that point, as I really want to grasp what was happening. - -- Mason Loring Bliss ma...@blisses.org Ewige Blumenkraft! $awake ? $sleep : int rand 2 ? $dream : $sleep; -- Hamlet, Act III, Scene I -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCgAGBQJReqi+AAoJEJ6yV3B27yVVeWEQAM8Zq23t23ZPUWylHDttflrR h/gqg2QQd1VUeOiIdjUebrWfq7wREj2w+quO3mnIipoGIkloTBtSWfuoXz6Molnl n+y1ye5/EcyNpsEWJmeilwg8WhxLvc1KiFzbB50dbeg5KEasTKR1vs0tQ3+cPZho ItfhnaxGWsSTVt5y4i7Ulqn7bPeXk0EjDOXHGKlPQI334/qgU+4wCs/cDK1o5uux 1bpgewvpea63q2O3d8b5xNl6INwdmPlTsl1DOUanIvD9I6TAEeD5YM6d8u/wPl7A k7U4qf0PbhCcK5SvjdXQRFc1w50SzPgNuQSHgbIHD5zD7tzfN7elHH5i0+zRXF/W wIBnzBDfZzVYgJgCc7OgfjyMe2aCpPml8hPCwBBN8l49EivUbgVvTXY9caGPA/zE Sq24QuChpUmPeNpO5aFhcmZHwhce2en28uryaOpmXZddHO5HTROBwkOPFhx51cHB g8ywoz/dvjcwmTwDgN23xBD/WBkaEUfrmzwdlywv3ldZNvduy1YamHrBEwNY61Hb M6cw/7buYlBv9hcXfiVaA1GtNBCJ/ASGlC9Mp3dwgCuhJ2kcPKVucmBo8z2uGJ8w UPm9bYqgs91eodUT1DxKEv+e18+h+PVRIYXd65fhPiBjfZ2ja+2hE6q5Xj9czhfP OsGxVaeV1D57CNkkxbzo =V6uB -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users