On Fri, Oct 23, 2020 at 03:23:17PM -0400, Phil Pennock wrote:
The TLDR for folks using the widespread GnuPG software is that GnuPG
defaults to protecting you against a new self-sig, but expert-mode makes
it easy:
gpg --expert --cert-digest-algo SHA256 --sign-key $YourKeyId
I'm one of the people with a SHA1 self signature. I've been aware of it
for some time, and it's been on my todo list to sort out, but when I
last tried GPG did not make it possible. What version of GPG is
necessary for the above to work? The somewhat aged versions on the
airgapped machine my master key lives on do not seem to want to update
the type of the self sig with that command.
J.
--
Chaos, panic, & disorder - my work here is done.
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp