Hi,
Following Debconf, you are certainly about to use caff and sign/sent
keys (or you already did it).
Just this mail to make the Bdale notice[0] more visible: caff uses
SHA1 by
default[1], even with correctly configured gnupg as per Ana's post[2].
That's a shame since the point of these 4k keys is to use stronger
digests.
To fix it for future keys:
ln -s ~/.gnupg/gpg.conf ~/.caff/gnupghome/gpg.conf
To fix key XXXXXXXX signed using SHA-1 :
gpg --homedir=/home/uid/.caff/gnupghome --secret-keyring /home/
uid/.gnupg/secring.gpg
--no-auto-check-trustdb --trust-model=always --edit-key XXXXXXXX
caff --no-download XXXXXXXX
[0] http://www.gag.com/bdale/blog/posts/Strong_Keys.html
[1] http://bugs.debian.org/527944
[2] http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/