Re: Release Signing Keys are Susceptible to Attack

2017-08-17 Thread Paul.Koning
> On Aug 17, 2017, at 4:39 AM, Richard Biener wrote:
>
> On Thu, Aug 17, 2017 at 4:23 AM, R0b0t1 wrote:
>> After downloading and verifying the releases on
>> ftp://ftp.gnu.org/gnu/, I found that the maintainers used 1024 bit DSA
>> keys with SHA1 content digests. 1024 bit keys are considered

Re: Release Signing Keys are Susceptible to Attack

2017-08-17 Thread Richard Biener
On Thu, Aug 17, 2017 at 4:23 AM, R0b0t1 wrote:
> After downloading and verifying the releases on
> ftp://ftp.gnu.org/gnu/, I found that the maintainers used 1024 bit DSA
> keys with SHA1 content digests. 1024 bit keys are considered to be
> susceptible to realistic attacks, and SHA1 has been consi

Release Signing Keys are Susceptible to Attack

2017-08-16 Thread R0b0t1
After downloading and verifying the releases on ftp://ftp.gnu.org/gnu/, I found that the maintainers used 1024 bit DSA keys with SHA1 content digests. 1024 bit keys are considered to be susceptible to realistic attacks, and SHA1 has been considered broken for some time. http://nvlpubs.nist.gov/nis