problem with prefs
David Shaw
dshaw at jabberwocky.com
Tue Feb 11 14:24:01 CET 2003
On Tue, Feb 11, 2003 at 01:47:47PM +0100, Janusz A. Urbanowicz wrote:
> On Tue, Feb 11, 2003 at 07:10:46AM -0500, David Shaw wrote:
> > On Mon, Feb 10, 2003 at 11:28:15PM +0100, Janusz A. Urbanowicz wrote:
> > > alex at FUCKUP:[~]:4:0:> gpg -v --version
> > > gpg (GnuPG) 1.2.0
> > > []
> > > Hash: MD5 (H1), SHA1 (H2), RIPEMD160 (H3)
> > > []
> > >
> > > ~/.gnupg/gpg.conf contains the following line:
> > >
> > > personal-digest-preferences h3
> > >
> > > but when I do gpg --clearsign testmessage:
> >
> > [..]
> >
> > > It is still hashed using SHA1 instead of RIPEMD-160 I selected. Why?
> >
> > The personal-xxxxx-preferences commands only apply during operations
> > that involve a recipient. Otherwise, --digest-algo is used.
> >
> > However, read the gnupg-users thread entitled "Personal prefs" from
> > November of 2002. Someone asked the same question back then, and the
> > development GnuPG was changed to consult personal-digest-preferences
> > if digest-algo was not set.
>
> yes, I remember the thread, especially what you wrote:
>
> | Yes. Putting cipher-algo or digest-algo in gpg.conf should really
> | only be used in very special circumstances. The prefs functions let
> | you do the same thing, but in a safe manner that won't generate
> | messages that violate the recipients preferences.
>
> So, there's not a good way to use RIPEMD160 for clearsigning without risking
> a major breakage?

Not in the stable branch. 1.3.x lets you use
personal-digest-preferences in the way you want.

That said, RIPEMD160 happens to be supported fairly widely (i.e. in
PGP), so it would not be a major breakage to use it, though it might
be a minor one.

> I know it is a Good Thing to emit messages that have undefined recipient to
> have minimal protocol requirements for the recipient, but in the case I'd
> like to switch the hash. Why does personal-digest-preferences not affect
> clearsigning? A deliberate design decision? I'm curious.

More of an evolution of features thing than a deliberate design
decision. The personal-xxxx features grew out of a desire to sort the
preferences differently and not as an alternate way to specify
algorithms.

David

--
David Shaw | dshaw at jabberwocky.com | WWW http://www.jabberwocky.com/
+---------------------------------------------------------------------------+
"There are two major products that come out of Berkeley: LSD and UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
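
One way to check which digest a clearsigned message declares, so that the effect of --digest-algo or personal-digest-preferences can be confirmed after signing. This is an added example, not part of the original thread or of GnuPG; the function names and the sample message are constructed for illustration, and the MD5 fallback follows the OpenPGP rule that a clearsigned message without a Hash header is assumed to use MD5.

```shell
#!/bin/sh
# Print the digest names declared in the "Hash:" armor header of a
# clearsigned message read from stdin, one per line, in upper case.
# A signed message with no Hash header is reported as MD5 (OpenPGP default).
clearsign_hashes() {
    awk '
        { sub(/\r$/, "") }                      # tolerate CRLF line endings
        /^-----BEGIN PGP SIGNED MESSAGE-----/ { seen = 1; inhdr = 1; next }
        inhdr && /^Hash:/ {
            sub(/^Hash:[ \t]*/, "")
            n = split($0, a, /[ \t]*,[ \t]*/)   # header may list several
            for (i = 1; i <= n; i++)
                if (a[i] != "") { print toupper(a[i]); found = 1 }
            next
        }
        inhdr && /^[ \t]*$/ { exit }            # blank line ends the headers
        END { if (seen && !found) print "MD5" }
    '
}

# Succeed only if the message on stdin declares the wanted digest.
# usage: clearsign_uses RIPEMD160 < testmessage.asc
clearsign_uses() {
    want=$(printf '%s' "$1" | tr '[:lower:]' '[:upper:]')
    clearsign_hashes | grep -qx "$want"
}

# Constructed sample input; the signature body is a placeholder, not a
# real signature. A real file would come from e.g.
#   gpg --digest-algo RIPEMD160 --clearsign testmessage
sample_message() {
    cat <<EOF
-----BEGIN PGP SIGNED MESSAGE-----
Hash: $1

test message
-----BEGIN PGP SIGNATURE-----

(placeholder, not a real signature)
-----END PGP SIGNATURE-----
EOF
}

if sample_message SHA1 | clearsign_uses RIPEMD160; then
    echo "message declares RIPEMD160"
else
    echo "message does not declare RIPEMD160"
fi
```

The header only shows what the signer declared; verifying the signature with gpg is still what establishes that the message is intact.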