that didn’t work :( Anybody else any idea how can i get rid of that message? Thanks Matthias
On 18 Jul 2021, at 16:12, Matthias Schmidt via mailmate wrote: > Hello, > > I kicked the SHA1 from this list and it fixed the problem I think: > gpgme_hash_algo_t GPGME_MD_MD5 GPGME_MD_RMD160 GPGME_MD_MD2 GPGME_MD_TIGER > GPGME_MD_HAVAL GPGME_MD_SHA256 GPGME_MD_SHA384 GPGME_MD_SHA512 > GPGME_MD_SHA224 GPGME_MD_MD4 GPGME_MD_CRC32 GPGME_MD_CRC32_RFC1510 > GPGME_MD_CRC24_RFC2440 > > none of the other 3 settings did anything here: >>>> cert-digest-algo SHA512 >>>> default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES >>>> CAST5 ZLIB BZIP2 ZIP Uncompressed >>>> personal-digest-preferences SHA512 SHA384 SHA256 SHA224 > > cheers > Matthias > > On 2 Mar 2021, at 8:44, Thomas Kahle wrote: > >> Hi, >> >> On 2 Mar 2021, at 0:45, Matthias Schmidt via mailmate wrote: >>>> On 1 Mar 2021, at 16:57, Matthias Schmidt via mailmate wrote: >>>>>> Hi do you use PGP for signing or encrypting mail? Some time back I had >>>>>> to update my ~/.gnupg/gpg.conf file with this line: >>>>>> >>>>>> personal-digest-preferences SHA512 SHA384 SHA256 SHA224 >>>>>> >>>>>> ...to stop MailMate complaining about SHA1 digests. >>>>> >>>>> still not working, now I get this message: >>>>> Risk analysis The hash function used for the message digest has been >>>>> obsoleted due to security concerns. You should change your OpenPGP >>>>> settings to use a stronger hash algorithm for the digest (such as SHA256). >>>> >>>> I use these three: >>>> >>>> cert-digest-algo SHA512 >>>> default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES >>>> CAST5 ZLIB BZIP2 ZIP Uncompressed >>>> personal-digest-preferences SHA512 SHA384 SHA256 SHA224 >>>> >>>> I think the first might be what you are looking for. >>> >>> I have 2 gpg.conf files: >>> one here: ~/.gnupg/gpg.conf >>> and the othere here: /usr/local/MacGPG2/etc/skel/.gnupg/gpg.conf >>> >>> I added those lines above in both config files, as it is not clear to me >>> which one is used. >>> BUT, I still get this signing Alert The hash function used … >>> More ideas how to remove this SHA1 hash please? >>> >> >> Are you on the latest version of MacGPG? You can get info on the command >> line with >> >> gpg --version >> >> It will at least show you which config file directory it is looking in. >> Usually it should be ~/.gnupg/gpg.conf. >> >> I’m not sure how to continue. When exactly does the message occur? When >> you sign something? >> >> Also you wrote >>> My keys are set to DSA or RSA >>> How can I fix this? >> >> I’m unsure what this means. You can see which keys you have with >> >> gpg --list-secret-keys >> >> If you rely on 1024 bit DSA keys, it might be time to move to longer keys, >> but I’m not sure if using a 1024 bit key generates any warnings on gpg and >> if so, starting with which version. >> >>> btw, this appeared after upgrading to BigSur. >> >> Did you also update GPGSuite? I’m using MacGPG 2.2.20 from GPG Suite 2020.2. >> >> Cheers, >> Thomas >> >> >> -- >> Thomas Kahle >> https://www.thomas-kahle.de >> _______________________________________________ >> mailmate mailing list >> mailmate@lists.freron.com >> https://lists.freron.com/listinfo/mailmate > _______________________________________________ > mailmate mailing list > mailmate@lists.freron.com > https://lists.freron.com/listinfo/mailmate
signature.asc
Description: OpenPGP digital signature
_______________________________________________ mailmate mailing list mailmate@lists.freron.com https://lists.freron.com/listinfo/mailmate