On 05/08/2009 05:40 PM, Jameson Rollins wrote: > I've written this email before, and every time I write it I'm more > convinced that caff is the *only* tool that should be used for key > signing. While i tend to agree with jamie that caff is the way to go, i was disturbed to realize this morning that caff does not take my cert-digest-algo preferences into account, and makes certifications over SHA-1 instead. I've filed a bug about this: http://bugs.debian.org/527944 In the meantime, before you use caff to sign your keys, please do: mkdir -m 0700 -p ~/.caff/gnupghome echo cert-digest-algo SHA256 >> ~/.caff/gnupghome/gpg.conf (or insert your digest algorithm of choice in place of SHA256) --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ DebianNYC mailing list DebianNYC@vireo.org http://lists.vireo.org/cgi-bin/mailman/listinfo/debiannyc