How to Determine Digest Algorithm
newsaccount at kfwebs.net
Tue Dec 19 13:54:07 CET 2006
-----BEGIN PGP SIGNED MESSAGE-----
Patrick Brunschwig wrote, On 12/19/2006 09:33 AM:
> I'm trying to find a good way to determine the digest algorithm that
> GnuPG uses for a signed message. My problem is this: for PGP/MIME signed
> messages, I need to know the algorithm before the message is created.
> Therefore I create a signed dummy message, and extract from it the hash
> algorithm. However, the problem is that this requires the user to type
> the passphrase twice, which I would like to avoid.
If the gpg-agent is used it would be cached. Ditto for the password
handling you're using in Enignamil
> Is there a better way to determine the hash algorithm without actually
> creating a signed message?
In my opinion the digest algorithm is better decided by the sender in
the first place. The message might not be addressed to everyone that is
supposed to verify it at a later point, and the digest itself should be
based upon the senders requirements.
e.g. I wouldn't sign a contract with an md5 digest algorithm, in the
light of the work being done on cracking such a message digest, because
that was the only common denominator. Then I'd rather ask the others to
Post scriptum! I've been experimenting a bit with the gnupg key
generation lately, and have at least a keyset of 15360 bit keys
generated ( http://www.kfwebs.net/news/603/15360-bit-OpenPGP-key )
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-devel