The crypto in OpenPGP is actually far from ideal. They combine some arcane block cipher mode with something called mdc ("modification detection code"), which isn't a proper authentication. It's kinda surprising that this hasn't caused more issues (though there were some authentication stripping attacks). It should switch to a proper AEAD mode.
Also for RSA it is using PKCS #1 1.5 and SHA-1 is used all over the place.
This is all not super serious, I wouldn't be too bothered about it. But it's not a solid crypto design by modern standards.
Also for RSA it is using PKCS #1 1.5 and SHA-1 is used all over the place.
This is all not super serious, I wouldn't be too bothered about it. But it's not a solid crypto design by modern standards.