I don't use GPG all that much, but am a little concerned with the recent SHA1 collision news.
>From what I've read on this list, it doesn't seem to be too much of an issue. I wonder if someone could clarify some things for me, please: 1) Is this just an issue with signatures, or does it impact the encryption resistance? 2) I don't want to lose my current keys, as I have many files that I have encrypted. Will changing the default hash with the setpref command in the edit menu (to something like SHA512) help, at all? Essentially, should an average user of GPG be doing anything? If, after people have thought about this issue and better hashes are recommended, will that require current keys to be discarded? (My key is 1024D with 4096g subkey, if that makes any difference.) Thanks.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
