-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 8/21/12 12:26 PM, Laurent Jumet wrote: > It primary depends on the lenghth of the main (signing) key. If > main key is 1024, he cannot sign with SHA256; he can sign with a > RIPEMD160 but not higher, and other preferences are ignored.
Yes and no. DSA-1024 requires the use of a 160-bit hash. If the --enable-dsa2 flag is set, he will be able to sign with any hash he likes: it will just be silently truncated to 160 bits. Otherwise, yes, the choices are SHA-1 and RIPEMD-160. DSA-2048 requires the use of at least a 224-bit hash. DSA-3072 requires the use of at least a 256-bit hash. RSA has no requirements on hash length. -----BEGIN PGP SIGNATURE----- iFYEAREIAAYFAlAzuM0ACgkQI4Br5da5jhCBgADcDY7/P02Q/njE1WF6NGNMdfpV /eXyzaWEC3rl1ADeLc9oS7Oi/akAOuqP0EriL+c3U9DuOOJaWFvzWw== =mENf -----END PGP SIGNATURE----- _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
