Migrating away from SHA-1

Chris Acheson

May 8, 2009, 10:29:37 PM
to roc...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The SHA-1 hash that PGP and GnuPG use by default is now looking even
less secure than previously thought. It's recommended that users begin
using SHA-2, and generate new keys to replace their 1024-bit DSA keys
which are dependent on SHA-1:

<http://www.debian-administration.org/users/dkg/weblog/48>

If you understand the instructions in the link above, you should
probably follow them soon. If you don't understand them, don't worry
too much, as your keys and signatures are still mostly safe for now,
they're just not future-proof. You'll probably want to wait until new
versions of your software are released with updated default settings,
and then generate new keys.

I've generated a new key for myself, which I've signed with the old key
and will be using from now on.

- -Chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkoE6pEACgkQofzSRyJGxf0ImwCeMhd3ET7P/zYluoRzck12rft1
o+MAnAheZ3nX3IyabdTZXtgjlj0bbhnv
=TpfH
-----END PGP SIGNATURE-----

Chris Acheson

May 8, 2009, 10:37:50 PM
to roc...@googlegroups.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Whoops, used the wrong key to sign that message. New key is available
here, if it hasn't propagated to your favorite keyserver yet:

<http://chrisacheson.net/contact/>

Chris Acheson wrote:
> The SHA-1 hash that PGP and GnuPG use by default is now looking even
> less secure than previously thought. It's recommended that users begin
> using SHA-2, and generate new keys to replace their 1024-bit DSA keys
> which are dependent on SHA-1:
>
> <http://www.debian-administration.org/users/dkg/weblog/48>
>
> If you understand the instructions in the link above, you should
> probably follow them soon. If you don't understand them, don't worry
> too much, as your keys and signatures are still mostly safe for now,
> they're just not future-proof. You'll probably want to wait until new
> versions of your software are released with updated default settings,
> and then generate new keys.
>
> I've generated a new key for myself, which I've signed with the old key
> and will be using from now on.
>
> -Chris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
