View Issue Details

IDProjectCategoryView StatusLast Update
0001496Main CAcert WebsiteGPG/PGPpublic2020-10-31 13:48
ReporterNoSubstitute Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
PlatformMain CAcert WebsiteOSN/A 
Summary0001496: CAcert signed GPG key reports Invalid Digest Algorithm
DescriptionI'm guessing this could be why.

gpg: Note: third-party key signatures using the SHA1 algorithm are rejected
sig% P X 0xD2BB0D0165D0FD58 2019-09-22 [Invalid digest algorithm]
sig% P 0xD2BB0D0165D0FD58 2020-10-31 [Invalid digest algorithm]

>gpg --version
gpg (GnuPG) 2.2.23
libgcrypt 1.8.6
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Home: C:/Users/Kim/AppData/Roaming/gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
        CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
Steps To ReproduceSign a gpg key with the gpg signing feature of cacert.
Import key to gpg.
Check the signatures of the key.
TagsNo tags attached.
Reviewed by
Test Instructions

Issue History

Date Modified Username Field Change
2020-10-31 13:48 NoSubstitute New Issue
2020-10-31 13:48 NoSubstitute File Added: 2020-10-31 142414-CAcert_signed_GPG_key-Invalid_digest_algorithm.png