Re: Can't check signature, DSA key 9C973C92 requires a 256 bit or larger hash

Werner Koch Mon, 17 Mar 2014 10:24:09 -0700

On Mon, 17 Mar 2014 15:39, d...@fifthhorseman.net said:
> So gpg's behavior seems to be non-uniform here.  That said, i'd love to
> be able to tell gpg to ignore or explicitly reject signatures made by
> strong keys with MD5 digests.


There is a new option in master:

  --allow-weak-digest-algos

       Signatures made with the broken MD5 algorithm are normally
       rejected with an ``invalid digest algorithm'' message.  This
       option allows the verification of signatures made with such weak
       algorithms.

Right, at some time we may need to add SHA-1 here.


Shalom-Salam,

   Werner


-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Re: Can't check signature, DSA key 9C973C92 requires a 256 bit or larger hash

Reply via email to