On 26/01/17 00:47, sivmu wrote: > The question I have not yet found any clear answer for, is why is nobody > talking about this and should pgp keys be identified by a stronger hash > alogrithm in the future?
Subverting SHA-1 as used for OpenPGP fingerprints requires a second-preimage attack. The problems with SHA-1 are with collision resistance, not preimage attacks. HTH, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter> _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
