There have been various discussions about GnuPG's default use of SHA1, e.g.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612657
which impacts the archive pseudo-package but is also relevant for the
gnupg* packages
However, are such issues at the discretion of package maintainers and
upstream, or is it useful to have a uniform Debian approach to
cryptographic strength?
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51cc3709.7000...@pocock.com.au
