[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

New SHA-1 Attack Implications 2020

https://www.schneier.com/blog/archives/2020/01/new_sha-1_attac.html

This one is pretty ugly and confuses GPG 1.4 when verifying keys using the web of trust. Debian has moved to gpg2 by default for a while now so I don;t think this applies.

Git however still hasn’t deprecated SHA1 and is a security problem for projects that don’t sign tags.

2 Likes

https://github.com/QubesOS/qubes-issues/issues/2240#issuecomment-571744425

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]