summaryrefslogtreecommitdiff
path: root/debian/apt-transport-https.README
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-03-22 01:26:29 +0100
committerDavid Kalnischkies <david@kalnischkies.de>2016-03-22 01:58:45 +0100
commit08b7761a251a36fa65cbe022a86c51d7f091a88d (patch)
tree9666c3f3582e88ae0ac748d7bccb2811f17f4c06 /debian/apt-transport-https.README
parent8fa99570816d3a644a9c4386c6a8f2ca21480329 (diff)
handle gpgv's weak-digests ERRSIG
Our own gpgv method can declare a digest algorithm as untrusted and handles these as worthless signatures. If gpgv comes with inbuilt untrusted (which is called weak in official terminology) which it e.g. does for MD5 in recent versions we should handle it in the same way. To check this we use the most uncommon still fully trusted hash as a configureable one via a hidden config option to toggle through all of the three states a hash can be in.
Diffstat (limited to 'debian/apt-transport-https.README')
0 files changed, 0 insertions, 0 deletions