Hi, On 2 Mar 2021, at 0:45, Matthias Schmidt via mailmate wrote: >> On 1 Mar 2021, at 16:57, Matthias Schmidt via mailmate wrote: >>>> Hi do you use PGP for signing or encrypting mail? Some time back I had to >>>> update my ~/.gnupg/gpg.conf file with this line: >>>> >>>> personal-digest-preferences SHA512 SHA384 SHA256 SHA224 >>>> >>>> ...to stop MailMate complaining about SHA1 digests. >>> >>> still not working, now I get this message: >>> Risk analysis The hash function used for the message digest has been >>> obsoleted due to security concerns. You should change your OpenPGP settings >>> to use a stronger hash algorithm for the digest (such as SHA256). >> >> I use these three: >> >> cert-digest-algo SHA512 >> default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 >> ZLIB BZIP2 ZIP Uncompressed >> personal-digest-preferences SHA512 SHA384 SHA256 SHA224 >> >> I think the first might be what you are looking for. > > I have 2 gpg.conf files: > one here: ~/.gnupg/gpg.conf > and the othere here: /usr/local/MacGPG2/etc/skel/.gnupg/gpg.conf > > I added those lines above in both config files, as it is not clear to me > which one is used. > BUT, I still get this signing Alert The hash function used … > More ideas how to remove this SHA1 hash please? >
Are you on the latest version of MacGPG? You can get info on the command line with gpg --version It will at least show you which config file directory it is looking in. Usually it should be ~/.gnupg/gpg.conf. I’m not sure how to continue. When exactly does the message occur? When you sign something? Also you wrote > My keys are set to DSA or RSA > How can I fix this? I’m unsure what this means. You can see which keys you have with gpg --list-secret-keys If you rely on 1024 bit DSA keys, it might be time to move to longer keys, but I’m not sure if using a 1024 bit key generates any warnings on gpg and if so, starting with which version. > btw, this appeared after upgrading to BigSur. Did you also update GPGSuite? I’m using MacGPG 2.2.20 from GPG Suite 2020.2. Cheers, Thomas -- Thomas Kahle https://www.thomas-kahle.de
signature.asc
Description: OpenPGP digital signature
_______________________________________________ mailmate mailing list mailmate@lists.freron.com https://lists.freron.com/listinfo/mailmate
