Language Selection

English French German Italian Portuguese Spanish

Evolution vs sha256, or why my new key is useless

Filed under

There’s again a bit of cryptographic related panicing going on at the moment. This time it’s not a bug in the Debian version of OpenSSL, but another attack on SHA-1 that appears to break it a bit worse than before. So now everybody is generating new gpg keys to move away from SHA-1 hashes.

There’s one problem though: even when you generate a new gpg key that supports better hashing, your applications will still need to support the better hashing for it to be effective.

Given that gnupg is pretty unusable as a library, making everyone create library-ish wrappers around its command-line interface, it is very easy to get this wrong.

rest here

More in Tux Machines

Linux @

During the past month I have been in discussions with a number of people at I have been provided with the opportunity of writing articles on the subsite and I am in full control of all the content that will appear on that site. It is early days and there is some old content on the site which is a bit out of date but I plan to make a great resource for everyone. Read more

Leftovers: Software

today's howtos

Leftovers: Gaming