--digest-algo (feature request)

Atom 'Smasher' atom at suspicious.org
Fri Jul 16 17:52:14 CEST 2004


(responding to self)

i just "discovered" --personal-digest-preferences, which seems to mostly
do what i need.


> if i set "digest-algo" to "SHA256" and try to sign something with a DSS
> key, it fails (after typing a password, which makes it even more
> annoying).
>
> should signing with a DSS key ignore --digest-algo (and always use SHA1)??
>
> is there (or should there be) a better way to match larger hashes with
> larger (non-DSS) signing keys?
>
> if i have a 4096 RSA primary key and a DSS subkey (oh, wait a minute, i
> *do* have that ;) should there be a way to specify (in the configuration
> file) that i want to use a larger hash if i'm signing with my 4096 RSA
> key, while not causing problems for my DSS key?
>
> what if i generate a 2048 RSA signing subkey... let's say i want to
> specify (in my config) that i want to use SHA-512 if i'm signing something
> with my 4096 key; and SHA-256 if i'm signing something with a 2048 key...
> and of course, DSS still needs SHA-1.

        ...atom

 _________________________________________
 PGP key - http://atom.smasher.org/pgp.txt
 762A 3B98 A3C3 96C9 C6B7 582A B88D 52E4 D9F5 7808
 -------------------------------------------------

	"In nature there are neither rewards nor punishments -
	 there are consequences."
		-- Robert G. Ingersoll




More information about the Gnupg-devel mailing list