force-v4-certs and digest-algo

Brian M. Carlson karlsson at
Thu May 9 23:54:02 CEST 2002

On Thu, May 09, 2002 at 03:51:08PM -0400, David Shaw wrote:
> On Thu, May 09, 2002 at 07:40:24PM +0000, Brian M. Carlson wrote:
> > I have set force-v4-certs in my options file. I also have
> > digest-algo RIPEMD160 set. Yet, my signatures still are made with
> > SHA1, which I deprecate strongly.  If I have a preference on my key,
> > I'd prefer that gpg choose that, unless I choose a digest-algo
> > option, in which case gpg uses that. gpg has done neither.
> Let me make sure I understand what you are doing.  You want your key
> signatures - not data signatures - to use RIPEMD160 and not SHA1?
> --digest-algo only applies to data signatures.
> Why do you strongly deprecate SHA1?

SHA1 was created by the US government. I feel that the US government does not
have its citizens best interest at heart in the realm of cryptography, and
sometimes not with privacy in general. I prefer RIPEMD160 as it was created
independently outside of the US. Anyway, whatever my reason, shouldn't it
be my choice?

digest-algo has worked before, with my RSA key and with my ElGamal 20 key (see
sig) on key signatures. I might be able to dig them up for you.

Brian M. Carlson
<karlsson at>
OpenPGP: 0x351336B2DCA1913A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 528 bytes
Desc: not available
Url : /pipermail/attachments/20020509/2d36b4c7/attachment.bin

More information about the Gnupg-devel mailing list