problem with prefs
Janusz A. Urbanowicz
alex at syjon.fantastyka.net
Tue Feb 11 13:47:01 CET 2003
On Tue, Feb 11, 2003 at 07:10:46AM -0500, David Shaw wrote:
> On Mon, Feb 10, 2003 at 11:28:15PM +0100, Janusz A . Urbanowicz wrote:
> > alex at FUCKUP:[~]:4:0:> gpg -v --version
> > gpg (GnuPG) 1.2.0
> > []
> > Hash: MD5 (H1), SHA1 (H2), RIPEMD160 (H3)
> > []
> >
> > ~/.gnupg/gpg.conf contains the following line:
> >
> > personal-digest-preferences h3
> >
> > but when I do gpg --clearsign testmessage:
>
> [..]
>
> > It is still hashed using SHA1 instead of RIPEMD-160 I selected. Why?
>
> The personal-xxxxx-preferences commands only apply during operations
> that involve a recipient. Otherwise, --digest-algo is used.
>
> However, read the gnupg-users thread entitled "Personal prefs" from
> November of 2002. Someone asked the same question back then, and the
> development GnuPG was changed to consult personal-digest-preferences
> if digest-algo was not set.

Yes, I remember the thread, especially what you wrote:

| Yes. Putting cipher-algo or digest-algo in gpg.conf should really
| only be used in very special circumstances. The prefs functions let
| you do the same thing, but in a safe manner that won't generate
| messages that violate the recipients preferences.

So, there's not a good way to use RIPEMD160 for clearsigning without risking
a major breakage?

I know it is a Good Thing to emit messages that have an undefined recipient to
have minimal protocol requirements for the recipient, but in this case I'd
like to switch the hash. Why does personal-digest-preferences not affect
clearsigning? A deliberate design decision? I'm curious.

Alex