On Thu, Nov 29, 2007 at 08:05:15PM -0500, David Shaw wrote: > I've committed a fix for this for 1.4.8, so that new RSA + SHA-224 > signatures use the right constants. I've also added some > bug-compatibility code so that 1.4.8 (and later) will be able to > verify the old, incorrect signatures.
I should also add that GPG2 does not have this problem as it uses libgcrypt for its crypto, and libgcrypt does not currently support SHA-224. The version of libgcrypt currently in development does have this problem, but it will be fixed before it is released. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
