On 09/09/2009 09:45 PM, David Shaw wrote: > Instead of giving my preferences, > allow me to point at the wonderful defaults in GPG. They're the default > algorithms for a reason.
I've asked this before, but without any satisfactory answer, i'm still
curious: Why do the digest defaults in 1.4.10 and 2.0.13 list SHA-1
above SHA-512, SHA-224, and SHA-384?
I don't believe that the mere existence of hardware acceleration of
SHA-1 is sufficient to warrant its default preference over stronger,
widely-implemented digests.
Users who have (and prefer to use) accelerator hardware for any
particular digest can change their published preferences to explicitly
prefer that hardware, right? Are SHA-1 accelerators so widespread that
people have them (and gpg uses them) without being aware of them?
Is there some other reason to rank SHA-1 like this?
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
