Robert can probably give a better explanation than I; however, with 3072 DSA signing keys, the SHA512 and SHA256 algorithms "functionally" produce the same length hash since the lower 256 bits are dropped as per the FIPS specification. I've often wondered about the consequences of such an action -- whether this makes the chance of a collision higher or equal in comparing the SHA512 modified hash product to the SHA256 hash product. Perhaps someone could elaborate on this.
Of course with RSA keys, no such limitation is in place. Just an FYI. (And just another summary, the battle between RSA vs DSA signing keys has been waged many times prior on this mailing list -- Google for it if you don't believe me -- and to summarize the conclusions of many on this list -- there is no functional advantage of using one over the other).

-- Kevin Hilton
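The truncation discussed in the message above, as an added example that is not part of the original post: FIPS 186-3 feeds DSA the leftmost min(N, outlen) bits of the digest, so with a 256-bit q both SHA512 and SHA256 contribute 256 bits. The function names, the sample messages and the reduced 24-bit width used for the birthday count are constructed for illustration.

```python
import hashlib

Q_BITS = 256  # size of q paired with a 3072-bit DSA key


def dsa_z(message: bytes, hash_name: str, q_bits: int = Q_BITS) -> int:
    """Integer that DSA signs: leftmost min(q_bits, outlen) bits of the digest."""
    digest = hashlib.new(hash_name, message).digest()
    outlen = len(digest) * 8
    z = int.from_bytes(digest, "big")
    if outlen > q_bits:
        z >>= outlen - q_bits  # drop the rightmost (low-order) bits
    return z


def repeated_values(hash_name: str, keep_bits: int, n: int) -> int:
    """Birthday test: count inputs whose truncated digest repeats an earlier one."""
    seen = set()
    repeats = 0
    for i in range(n):
        z = dsa_z(b"constructed message %d" % i, hash_name, keep_bits)
        if z in seen:
            repeats += 1
        seen.add(z)
    return repeats


if __name__ == "__main__":
    msg = b"constructed sample message"
    for name in ("sha1", "sha256", "sha512"):
        z = dsa_z(msg, name)
        print(f"{name:7s} z uses at most {min(Q_BITS, hashlib.new(name).digest_size * 8)}"
              f" bits: {z:x}")

    # A full 256-bit collision search is infeasible, so compare the two
    # hashes at a reduced width where collisions are observable.
    # Expected repeats for an ideal hash: about n^2 / 2^(keep_bits + 1) = 11.9
    n, keep_bits = 20000, 24
    for name in ("sha256", "sha512"):
        print(f"{name:7s} truncated to {keep_bits} bits, {n} inputs:"
              f" {repeated_values(name, keep_bits, n)} repeats")
```

Both hashes land near the ideal birthday estimate at the reduced width, which is the behaviour expected of a hash whose output bits are uniformly distributed.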