Bug 379892

Summary: Display stronger fingerprints (sha512)
Product: [Applications] kleopatra Reporter: sedrubal <kde>
Component: generalAssignee: Andre Heinecke <aheinecke>
Status: RESOLVED UPSTREAM    
Severity: normal CC: mutz, pim-bugs-null
Priority: NOR    
Version First Reported In: 2.3.0   
Target Milestone: ---   
Platform: Fedora RPMs   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description sedrubal 2017-05-16 09:15:08 UTC 
Currently kleopatra displays only sha1 fingerprints for x509 keys (in key overview and dialogues to ask if you trust a certificate).

In the key dump tab you can also see the md5 fingerprint.

But why aren't any stronger fingerprints displayed like sha512?
Comment 1 Andre Heinecke 2017-05-16 09:21:02 UTC 
Hi,
Kleopatra is only a Frontend for the crypto software GnuPG. E.g. the question where you are asked to confirm a fingerprint is directly issued by GnuPG. Similarly the dump is what you would get on the command line from "gpgsm --dump-cert <cert>".

So please report this issue on the upstream tracker http://dev.gnupg.org

Thanks and Regards,
Andre