ietf-openpgp
[Top] [All Lists]

Re: [openpgp] Rejecting expiration signatures that involve SHA1

2022-04-29 12:22:56
On 29.04.22 19:10, Kai Engert wrote:
The user discovered a gpg.conf file that was set to use SHA-1, but the
user couldn't explain why they had that configuration.

Apologies, the user just clarified that were was no configuration file when the SHA-1 was signature.

But a new configuration file was necessary to create a signature with something better than SHA-1.

We don't know why gnupg on Ubuntu created that SHA-1 based signature. (Either Ubuntu 18.04 or 22.04, user doesn't remember which machine was used.)

We will look into this more, I'll try to get clearer answers before posting again.

Kai


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp