I apologise in advance if this is a repeat question (I have consulted the archives although not exhaustively) but I've been trying to get this right for two days now to no avail. I want the message digest for my emails to be SHA512 (or SHA256) but I can't seem to change it from SHA1. I have tried generating new keys, changing email clients and/or key management programs but nothing seems to work.
My gpg.conf contains the following lines: default-preference-list SHA512 SHA256 SHA384 SHA224 SHA1 AES256 AES192 AES CAST5 3DES ZLIB BZIP2 ZIP Uncompressed personal-cipher-preferences AES256 AES192 AES CAST5 3DES personal-digest-preferences SHA512 SHA256 SHA384 SHA224 SHA1 personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed cert-digest-algo SHA512 s2k-cipher-algo AES256 s2k-digest-algo SHA512 s2k-count 65011712 I appreciate there are some lines there not directly related to email signature message digests but at least lines 1 and 3 should set the default order as specified. If I generate a new key and then check the preferences (--edit-key ID, showpref) it does indeed reflect the above order. However if I send a signed email, it always starts with 'Hash: SHA1'. One additional point: if I use --clearsign for a non-email related document, this will employ the SHA512 digest. Why the discrepancy? What do I need to do to change it on my email? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
