[MlMt] Note that the SHA1 hash algorithm has been found to have weaknesses

mat beta at admilon.net
Mon Sep 1 21:16:35 EDT 2025


Hello,

I ended up recreating the signatures with a completely new settings file gpg.conf:

no-emit-version
keyid-format 0xlong
with-fingerprint
list-options show-uid-validity
verify-options show-uid-validity
keyserver-options no-honor-keyserver-url
auto-key-retrieve
personal-cipher-preferences AES256 AES192 AES
personal-digest-preferences SHA512 SHA384 SHA256
personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
default-new-key-algo rsa4096
cert-digest-algo SHA512
digest-algo SHA512
disable-cipher-algo 3DES
default-key <somekey>
agent-program /usr/local/gnupg-2.4/bin/gpg-agent

Cheers
Matthias

On 24 Aug 2025, at 22:27, Bill Cole wrote:

> On 2025-08-24 at 11:19:29 UTC-0400 (Sun, 24 Aug 2025 16:19:29 +0100)
> mat via mailmate <mailmate at lists.freron.com>
> is rumored to have said:
>
>> Hello,
>>
>> Since I had to set up my Mac anew, I get this warning when I send signed or encrypted mail.
>> I have to click it away, else I can’t send.
>> My keys are all RSA and at 2048 in size.
>> Mailmate is: Version 2.0 (6272)
>>
>> Any idea what might go wrong here?
>
> Not precisely, as you didn't say whether you are using GPG or S/MIME.
>
> The SHA* algorithms are "Secure Hashes" which are used to generate random-looking fixed length "message authentication codes" or "fingerprints" from arbitrary input data, which cannot be used to regenerate the original data. Contrary to the name, those "fingerprints" are NOT globally unique, but they are distinct enough for most uses because generating hash collisions intentionally is very hard. For SHA1 (which generates 160-bit hashes) there are enough tricks discovered and enough raw computing power widely available to make use of SHA1 unsafe in some uses. Both S/MIME certificates and GPG keys can use SHA1, and it was required for use on "v4" keys (see https://www.rfc-editor.org/rfc/rfc4880#section-12.2) but has since been deprecated. Similarly, the x509 certificates issued for S/MIME for many years used SHA1 but today typically use SHA256 or SHA512.
>
> The reason this is just a warning that you can click through is that the "insecurity" of SHA1 is mostly theoretical for the email use case. SHA1 is used in establishment of trust for keys/certs rather than being used in encryption, so the theoretical attacks are a bit past (IMNSHO) what one needs to worry about unless one is a target of a very motivated and well-resourced attacker.
>
> I'm not sure if it is still needed, but back when the deprecation of SHA1 was more recent, I found it helpful to add these lines to ~/.gnupg/gpg.conf:
>
>
>     personal-digest-preferences SHA512 SHA384 SHA256 SHA224
>     cert-digest-algo SHA512
>     default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
>
> I am no longer entirely sure why (or even whether) I needed all 3 lines, but I have not had a SHA1 warning in years...
>
> -- 
>  Bill Cole
>  bill at scconsult.com or billcole at apache.org
>  (AKA @grumpybozo at toad.social and many *@billmail.scconsult.com addresses)
>  Not Currently Available For Hire
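As an added example (not part of either message in this thread): a POSIX shell audit that reads a gpg.conf and reports whether the three digest-related options discussed above are present and free of SHA1 or older digests. The sample configs it writes are constructed for the demo, and `audit_gpg_conf` / `write_sample_conf` are names chosen here, not GnuPG tooling.

```shell
#!/bin/sh
# Audit the digest settings in a gpg.conf: personal-digest-preferences,
# cert-digest-algo and digest-algo should each be set and list only SHA-2
# digests. Prints one finding per option; returns 0 only if all three pass.
audit_gpg_conf() {
    conf="$1"
    rc=0
    # gpg.conf syntax: one option per line, '#' starts a comment.
    cleaned=$(sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$conf")
    for opt in personal-digest-preferences cert-digest-algo digest-algo; do
        # Take the last occurrence, which is the one GnuPG honours.
        val=$(printf '%s\n' "$cleaned" |
              awk -v o="$opt" '$1 == o { $1 = ""; sub(/^ +/, ""); print }' |
              tail -n 1)
        if [ -z "$val" ]; then
            echo "MISSING $opt (GnuPG's built-in default applies)"
            rc=1
            continue
        fi
        bad=""
        for algo in $val; do
            case "$algo" in
                SHA512|SHA384|SHA256|SHA224) ;;   # acceptable digests
                *) bad="$bad $algo" ;;            # SHA1, MD5, RIPEMD160, typos
            esac
        done
        if [ -n "$bad" ]; then
            echo "WEAK    $opt allows:$bad"
            rc=1
        else
            echo "OK      $opt = $val"
        fi
    done
    return $rc
}

# Constructed sample configs (not from the thread): $1 = path, $2 = weak|hardened
write_sample_conf() {
    if [ "$2" = weak ]; then
        printf '%s\n' '# carried over from an old machine' \
            'personal-digest-preferences SHA256 SHA1   # SHA1 still listed' \
            'cert-digest-algo SHA1' >"$1"
    else
        printf '%s\n' 'personal-digest-preferences SHA512 SHA384 SHA256' \
            'cert-digest-algo SHA512' 'digest-algo SHA512' >"$1"
    fi
}

tmp=$(mktemp)
for kind in weak hardened; do
    echo "== $kind sample =="
    write_sample_conf "$tmp" "$kind"
    audit_gpg_conf "$tmp" && echo "PASS" || echo "FAIL"
done
rm -f "$tmp"
```

Point `audit_gpg_conf` at your real ~/.gnupg/gpg.conf to check a live configuration.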
