On Fri, Feb 24, 2017 at 6:52 PM, Jim Jagielski <[email protected]> wrote: > I think we should start, in addition to "signing" w/ md5 and sha-1, > using sha-256 as well. > > Sound OK?
Our "true" signing has and will always be PGP. Though SHA-256 is often asked by users@, so, +1
