Hi Kristian,
Thanks for the link. I've studied some interesting threads.
Anyhow, I'm surprised that apparently there isn't any decision on how to
move to the next OpenPGP standard, or what it would look like. Or has
something been decided?
I just want to be updated as I haven't followed the discu
On Tue, Feb 11, 2014 at 09:10:32AM +0100,
Per Tunedal wrote
a message of 17 lines which said:
> When SHA-1 falls, GnuPG will otherwise be completely broken as
> internal key signatures, as well signatures of public keys from
> others and the fingerprint rely on SHA-1 hashes.
Isn't three diffe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Hi Per,
On 02/12/2014 09:31 AM, Per Tunedal wrote:
> Hi Peter, Yes, I've searched the archives. Conclusion: There's not
> any immediate danger to GnuPG.
>
> But, all the same: I cannot find any information on what's the
> plans for the future. Soon
Hi Peter,
Yes, I've searched the archives. Conclusion: There's not any immediate
danger to GnuPG.
But, all the same: I cannot find any information on what's the plans for
the future. Sooner or later a transition to some other hash has to take
place, hasn't it?
Yours,
Per Tunedal
On Tue, Feb 11, 2
On 11/02/14 09:10, Per Tunedal wrote:
> Is there any work in progress to move to a more secure
> hash algorithm?
Have you searched the mailing list archives? There are several times this has
been discussed already, including many different opinions, responses to those
opinions and arguments for an
Hi,
GnuPG, as OpenPGP compliant, relies heavily on the near broken hash
algorithm SHA-1. Is there any work in progress to move to a more secure
hash algorithm?
When SHA-1 falls, GnuPG will otherwise be completely broken as internal
key signatures, as well signatures of public keys from others and