Re: [openpgp] Deprecating SHA1

Jon Callas <joncallas=40icloud(_dot_)com(_at_)dmarc(_dot_)ietf(_dot_)org> 
writes:

Here are a number of options possible.


Another thing to consider is how to deal with existing signed data.  If
there's a file that's been sitting on a local disk for twenty years signed
with SHA-1 then the signature isn't going to be suddenly invalid just because
SHA-1 is wobbly.  So some provision for recognising existing data as still
valid rather than "anything signed with SHA-1 is automatically suspect" would
be good.

Peter.


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [openpgp] Deprecating SHA1, (continued) Re: [openpgp] Deprecating SHA1, Phil Pennock Re: [openpgp] Deprecating SHA1, Neal H. Walfield Re: [openpgp] Deprecating SHA1, Phil Pennock Re: [openpgp] Deprecating SHA1, Ángel Re: [openpgp] Deprecating SHA1, Neal H. Walfield Re: [openpgp] Deprecating SHA1, Neal H. Walfield Re: [openpgp] Deprecating SHA1, Guillem Jover Re: [openpgp] Deprecating SHA1, Guillem Jover Re: [openpgp] Deprecating SHA1, brian m. carlson Re: [openpgp] Deprecating SHA1, Jon Callas Re: [openpgp] Deprecating SHA1, Peter Gutmann <= Re: [openpgp] Deprecating SHA1, Benjamin Kaduk Re: [openpgp] Deprecating SHA1, Neal H. Walfield

Previous by Date:	Re: [openpgp] Deprecating SHA1, Phil Pennock
Next by Date:	Re: [openpgp] Deprecating SHA1, Benjamin Kaduk
Previous by Thread:	Re: [openpgp] Deprecating SHA1, Jon Callas
Next by Thread:	Re: [openpgp] Deprecating SHA1, Benjamin Kaduk
Indexes:	[Date] [Thread] [Top] [All Lists]