Commit 597e23ca authored by Rafaël Carré's avatar Rafaël Carré

Add a comment about RIPEMD/160

parent e7268258
...@@ -44,6 +44,10 @@ ...@@ -44,6 +44,10 @@
/* /*
* XXX * XXX
* When PGP-signing a file, we only sign a SHA-1 hash of this file * When PGP-signing a file, we only sign a SHA-1 hash of this file
* The DSA key size requires that we use an algorithm which produce
* a 160 bits long hash
* An alternative is RIPEMD160 , which you can use by giving the option
* --digest-algo RIPEMD160 to GnuPG
* *
* As soon as SHA-1 is broken, this method is not secure anymore, because an * As soon as SHA-1 is broken, this method is not secure anymore, because an
* attacker could generate a file with the same SHA-1 hash. * attacker could generate a file with the same SHA-1 hash.
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment