On Tue, Nov 01, 2005 at 02:39:14PM +0100, Christoph Anton Mitterer wrote: > David Shaw wrote: > > >>If so,... should I (for security/cryptography reasons) ask users to sign > >>my key only with SHA512 (or whatever is considered as the currently > >>strongest hash)? And/or should I sign others UIDs only with SHA512 (..) ? > >> > >> > >This is up to you, but note that most OpenPGP programs don't support > >SHA512 yet. Also note that most people have a DSA primary key and > >thus can't use any hash larger than 160 bits. > > > > > Uhm,... perhaps a stupid question,.. but: > If DSA keys are 1024 bit large,... why is this only enought for 160 bit > hashes?
The question is based on a misunderstanding. The hash size and key size are not a 1:1 relation. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
