2014-09-14 14:45:55 UTC
while packaging postfix 2.11.1 I noticed that the corresponding pgp/gpg
signature is generated using the md5 digest algorithm. MD5 is now
disabled as an acceptable digest method for signatures for source
tarballs of openSUSE packages. Would it be possible to re-issue the
signature using a SHA-1 or any of the SHA-2 family?