Just in case you haven’t heard of it, there’s a new attack vector on the SHA-1 hash algorithm. This is causing all kinds of havoc in communities that use PGP signatures, since signatures are created with this hash function by default. As an accessory to this, GnuPG‘s defaults for a key result in a key [...]