>> Again, required per the spec, and this can be prevented by having one person
>> on the list use a DSA-2048/-3072 key, which forbids SHA-1 usage.
>
> Really? many of the messages to the PGPNET discussion group [0] have
> SHA-1 signatures. Messages are signed and encrypted to about 30 keys,
> one of which is DSA-2048. Showpref on that DSA-2048 key gives
> Digest: SHA1, SHA256, RIPEMD160.

I was speaking a bit too glibly; I'm sorry about that.

If I'm sending to 30 people it's quite likely I'll wind up using CAST or 3DES, since that's the lowest common denominator. Cipher preferences have a complex find-the-best-option algorithm that finds what all recipients can use, then chooses one from among them -- so finding a "common denominator" of algorithms is important.

But lowest common denominator for signatures is ... it's uncommon to encounter such a situation; in fact, in 25 years of using PGP I don't think I've ever encountered it. If I sign a message with TIGER192 and you can't verify it, tough luck. Given this, I don't know how you'd come up with a real-world case where you'd need a common hash algorithm set for signing purposes.

But if there were such a case where there was a lowest common denominator hash algorithm, DSA-2048 requires a 224-bit hash (and -3072 requires 256), so inclusion of either of those would preclude any 160-bit hash being used; they could not appear in a common algorithm set.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
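
The common-denominator reasoning in the reply above, as an added example that is not part of the original message and is not GnuPG's code: it intersects recipients' cipher preferences (with 3DES implicitly in every list, per RFC 4880 section 13.2) and models the reply's hypothetical common hash set with a per-key minimum hash size. The function names, the sample preference lists, the "first list's order" tie-break and the q sizes assumed for each DSA key size are assumptions of this sketch.

```python
# Added illustration: a simplified model, not GnuPG's selection algorithm.
# Digest output sizes in bits.
HASH_BITS = {"SHA1": 160, "RIPEMD160": 160, "SHA224": 224,
             "SHA256": 256, "SHA384": 384, "SHA512": 512}

# Minimum hash size per DSA key size, as stated in the message (assumes a
# 224-bit q for DSA-2048 and a 256-bit q for DSA-3072).
DSA_MIN_HASH_BITS = {1024: 160, 2048: 224, 3072: 256}


def common_ciphers(recipient_prefs):
    """Ciphers every recipient accepts, in the first recipient's order.

    3DES is tacitly at the end of every OpenPGP preference list, so it is
    appended where missing and the result is never empty.
    """
    lists = [p if "3DES" in p else p + ["3DES"] for p in recipient_prefs]
    shared = set(lists[0]).intersection(*lists[1:])
    return [c for c in lists[0] if c in shared]


def common_hashes(participants):
    """Model of the reply's hypothetical common hash set.

    participants: list of (hash_prefs, dsa_bits or None). A hash survives
    only if everyone lists it and it meets every DSA key's minimum size.
    """
    floor = max((DSA_MIN_HASH_BITS[b] for _, b in participants if b), default=0)
    shared = set(participants[0][0]).intersection(*(p for p, _ in participants[1:]))
    return [h for h in participants[0][0]
            if h in shared and HASH_BITS[h] >= floor]


# Constructed sample cipher preference lists (not taken from any real key).
ALICE = ["AES256", "AES", "CAST5", "3DES"]
BOB = ["AES", "CAST5"]
CAROL = ["CAST5"]

# Hash preferences: P1 is constructed; P2 uses the Digest line quoted in the
# thread for the DSA-2048 key.
P1 = (["SHA256", "SHA1", "RIPEMD160"], None)
P2 = (["SHA1", "SHA256", "RIPEMD160"], 2048)

if __name__ == "__main__":
    print(common_ciphers([ALICE, BOB, CAROL]))
    print(common_hashes([P1, P2]))
```
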