Lapo Luchini wrote:
I could be nice if the policy could define one (or more!) hash change
horizon before of which the less secure hash is accepted: this way the
old history wouldn't need to be re-signed (thus losing the verifiability
of the original author's signature).
Of course the whole hash
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Paul Crowley wrote:
SHA-256, I think, until NIST name its successor in about five years. See:
http://venge.net/mtn-wiki/FutureCryptography
I could be nice if the policy could define one (or more!) hash change
horizon before of which the less