problem with prefs

Janusz A. Urbanowicz alex at syjon.fantastyka.net
Tue Feb 11 13:47:01 CET 2003


On Tue, Feb 11, 2003 at 07:10:46AM -0500, David Shaw wrote:
> On Mon, Feb 10, 2003 at 11:28:15PM +0100, Janusz A . Urbanowicz wrote:
> > alex at FUCKUP:[~]:4:0:> gpg -v --version 
> > gpg (GnuPG) 1.2.0
> > []
> > Hash: MD5 (H1), SHA1 (H2), RIPEMD160 (H3)
> > []
> > 
> > ~/.gnupg/gpg.conf contains the following line:
> > 
> > personal-digest-preferences h3
> > 
> > but when I do gpg --clearsign testmessage:
> 
> [..]
> 
> > It is still hashed using SHA1 instead of RIPEMD-160 I selected. Why?
> 
> The personal-xxxxx-preferences commands only apply during operations
> that involve a recipient.  Otherwise, --digest-algo is used.
> 
> However, read the gnupg-users thread entitled "Personal prefs" from
> November of 2002.  Someone asked the same question back then, and the
> development GnuPG was changed to consult personal-digest-preferences
> if digest-algo was not set.

Yes, I remember the thread, especially what you wrote:

| Yes.  Putting cipher-algo or digest-algo in gpg.conf should really
| only be used in very special circumstances.  The prefs functions let
| you do the same thing, but in a safe manner that won't generate
| messages that violate the recipients preferences.

So, there's not a good way to use RIPEMD160 for clearsigning without risking
a major breakage?

I know it is a Good Thing to emit messages that have an undefined recipient to
have minimal protocol requirements for the recipient, but in this case I'd
like to switch the hash. Why does personal-digest-preferences not affect
clearsigning? A deliberate design decision? I'm curious.

Alex
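
An added example, not part of the original message or of GnuPG: a shell check that reads the `Hash:` armor header of a clearsigned message to confirm which digest was actually used, as in the SHA1 versus RIPEMD-160 question above. The function names and the sample message are constructed for illustration; the MD5 fallback for a missing header follows the OpenPGP clearsign rules (RFC 2440/4880).

```shell
#!/bin/sh
# Usage (assumes gpg --clearsign wrote testmessage.asc):
#   signed_with RIPEMD160 < testmessage.asc && echo "digest as intended"

# Print the digest names declared in the armor headers, one per line,
# upper-cased. Reads a clearsigned message on stdin; fails if none is found.
declared_hashes() {
    awk '
        /^-----BEGIN PGP SIGNED MESSAGE-----/ { seen = 1; next }
        seen && /^[ \t\r]*$/ { exit }          # blank line ends the headers
        seen && /^Hash:/ {
            sub(/^Hash:[ \t]*/, ""); sub(/\r$/, "")
            n = split($0, a, /[ \t]*,[ \t]*/)  # header may list several
            for (i = 1; i <= n; i++)
                if (a[i] != "") { print toupper(a[i]); found = 1 }
        }
        END {
            if (!seen) exit 1                  # not a clearsigned message
            if (!found) print "MD5"            # OpenPGP default when absent
        }
    '
}

# Succeed only if every declared digest equals the wanted one.
# Exit status: 0 match, 1 mismatch, 2 input is not a clearsigned message.
signed_with() {
    want=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')
    got=$(declared_hashes) || return 2
    [ "$(printf '%s\n' "$got" | sort -u)" = "$want" ]
}

# Constructed sample; the signature body is a placeholder, not a real one.
SAMPLE_SHA1='-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

test message
-----BEGIN PGP SIGNATURE-----
(placeholder)
-----END PGP SIGNATURE-----'

# Stand-alone run: shows what the sample declares (SHA1).
printf '%s\n' "$SAMPLE_SHA1" | declared_hashes
```

The header only states what the signer declared; `gpg --verify` remains the check that the signature itself matches.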



