Also, since I started a thread, I also want to ask whether SHA1 or other deprecated algorithms are used in the PGP verification of dom0 and domu updates. This is somewhat related to my original question.
https://arstechnica.com/information-technology/2020/01/pgp-keys-software-security-and-much-more-threatened-by-new-sha1-exploit/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b9dcca44-ef1a-454f-ba3a-4e6b6c036251o%40googlegroups.com.