Opened 7 years ago

Closed 6 years ago

#9811 closed defect (fixed)

use sha256 or sha512 instead of sha1 for deb.torproject.org

Reported by: proper Owned by: weasel
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Keywords:
Cc: weasel Actual Points:
Parent ID: #1869 Points:
Reviewer: Sponsor:

Description

For example http://deb.torproject.org/torproject.org/dists/tor-0.2.4.x-jessie/InRelease currently uses Hash: SHA1. Please use a stronger hash, such as sha256 or sha512.

I believe, if you add

personal-digest-preferences SHA512
cert-digest-algo SHA512
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

to ~/.gnupg/gpg.conf that should do the trick.

Otherwise try "gpg --edit-key your@mail", setpref, SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB, save.

Child Tickets

Change History (1)

comment:1 Changed 6 years ago by weasel

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.