Evolution data server (libcamel) can only use SHA-1 as hash
Bug #381295 reported by
Daniel Silverstone
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
evolution-data-server |
Fix Released
|
Medium
|
|||
evolution-data-server (Ubuntu) |
Fix Released
|
Wishlist
|
Ubuntu Desktop Bugs |
Bug Description
Binary package hint: evolution-
Binary package hint: libcamel-
When sending a PGP signed message in Evolution, the signature algorithm is locked down to SHA1.
With the recent concern about SHA1 signatures, many people, including myself, are migrating to new GPG keys and SHA256 or SHA512 signatures by default. However those of us who use Evolution are unable to migrate properly yet because Evolution fails us in this respect.
Bug #381290 contains a patch to stop Evolution's composer locking it down to SHA1, but camel is unable to use the SHA2 family of hashes.
The attached patch adds support for the SHA2 family of hashes and makes SHA256 the default hash.
Changed in evolution-data-server (Ubuntu): | |
importance: | Undecided → Medium |
summary: |
- Evolution data server (libcamel) cannot + Evolution data server (libcamel) can only use SHA-1 as hash |
Changed in evolution-data-server: | |
status: | Unknown → Confirmed |
Changed in evolution-data-server: | |
status: | Confirmed → Fix Released |
Changed in evolution-data-server: | |
importance: | Unknown → Medium |
To post a comment you must log in.
Setting Triaged/WishList, and adding the same upstream link as in bug 381290. Upstream would be the best place to discuss this, byt the way.
There is at least only point here, though: if the GNUpg/PGP key to be used is a DSA key, then the hash will still be just 160 bits long. Only DSA2 or RSA allows for larger hashes. It is uncertain if there would be a real gain in this case.