Re: [PATCH] test: replace aging OpenPGP key used in the test suite

Subject: Re: [PATCH] test: replace aging OpenPGP key used in the test suite

Date: Thu, 22 Sep 2022 12:01:26 +0200

To: Justus Winter

Cc: notmuch@notmuchmail.org

From: Michael J Gruber

Am Do., 22. Sept. 2022 um 10:47 Uhr schrieb Justus Winter
<justus@sequoia-pgp.org>:
>
> This replaces the old OpenPGPv4 key that is used in the test suite
> with a more modern OpenPGPv4 key.  All cryptographic artifacts in the

Both v4? Only one key file is named v4.


> @@ -6,7 +6,7 @@ Message-ID: <simple-signed-mail@crypto.notmuchmail.org>
>  MIME-Version: 1.0
>  Content-Type: multipart/signed; boundary="=-=-=";
>   protocol="application/pgp-signature";
> - micalg=pgp-sha512
> + micalg=pgp-sha256

You are downgrading the hash algo here and in the other regenerated
signatures. This is not wrong per-se, I'm just wondering whether it is
intentional (or forced by the standard) when the aim of this series is
future-proofing. sha256 is the current "replacement" for sha1, which
means it's the one which will be replaced next ;)

Michael
_______________________________________________
notmuch mailing list -- notmuch@notmuchmail.org
To unsubscribe send an email to notmuch-leave@notmuchmail.org

Thread: