On 29.04.22 19:10, Kai Engert wrote:
The user discovered a gpg.conf file that was set to use SHA-1, but the
user couldn't explain why they had that configuration.
Apologies, the user just clarified that were was no configuration file
when the SHA-1 was signature.
But a new configuration file was necessary to create a signature with
something better than SHA-1.
We don't know why gnupg on Ubuntu created that SHA-1 based signature.
(Either Ubuntu 18.04 or 22.04, user doesn't remember which machine was
used.)
We will look into this more, I'll try to get clearer answers before
posting again.
Kai
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp