On 7/11/2012 12:41 AM, vedaal wrote: > SHA1 is hardwired into the fingerprint of v4 keys.
As soon as a V5 key spec is released, I'll revise my statement. Until then, OpenPGP has an unfortunate dependency on hashes that do not have good long-term prospects. :) > So when is it reasonable enough to suggest that SHA1 is broken enough > to start working on a v5 key? V5 discussions will not kick off in earnest until NIST announces the new hash standard, or so I've heard people from the working group say. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users