Some of the discussion in this bug seems relevant to the GnuPG and GnuPG2 packages in Debian, but the bug is against the archive pseudo-package: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612657
Can anybody else make any comments: a) should there be more effort to phase out SHA1? b) how is it being approached upstream? Is backwards-compatibility still emphasized to the same extent? c) should this become a general system-wide goal to audit and increase crypto-strength in all parts of jessie / future Debian versions? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
