(Since this has taken a turn for the GnuPG-specific, I have migrated this thread to GnuPG-Users. It was originally found on the IETF OpenPGP working group page.)
>> even though it's not default, you can change your gpg.conf(5) to >> use a specific hashing algorithm > > In particular, set the following preferences in GnuPG: > > digest-algo SHA512 cipher-algo AES256 > > The man page incorrectly warns against using them, and advises that > you use the 'personal-' variants instead. These effectively do > nothing. The man page is correct. Please don't use these options. Please don't encourage people to use these options. It's very easy to misuse these options in ways that will destroy interoperability with other OpenPGP applications. > If any downstream package maintainers are reading this, email me, > and I'll be delighted to open an issue to include a modern gpg.conf > skeleton in your package. I would be happy to look at your suggestions for inclusion in the FAQ; however, I'll tell you in advance the FAQ will not recommend using digest-algo or cipher-algo. > Does *anyone* on this list use an OpenPGP implementation that does > not support SHA-2 and AES? (And, if so, can you estimate how many > users are in a similar position?) Given the OpenPGP mailing list is comprised mostly of people who implement OpenPGP for a living, it is unlikely there will be many people there who use old versions of software. Try looking here on GnuPG-Users. You'll have to hunt a little bit, but it's pretty easy to find people seeking help with GnuPG 1.2, which is well over a decade old. On Enigmail, I recently had a frustrating experience helping a user who was trying to use GnuPG to exchange traffic with a PGP *2.6* user... a codebase which is about 20 years old now. So, short answer: yes, there are implementations that do not support SHA-2 and/or AES. Yes, they are still in use. Yes, we really wish they'd all just vanish or else upgrade to the latest, but no, they have no plans of doing that. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
