DSA2 and recipient preferences
David Shaw
dshaw at jabberwocky.com
Sun Jun 11 14:55:04 CEST 2006
On Tue, Jun 06, 2006 at 02:20:30AM +0200, Bernd Eckenfels wrote:
> On Sat, Jun 03, 2006 at 06:00:23PM -0400, David Shaw wrote:
> > With DSA2, the recipient may not have *any* of the digests needed by
> > the sender. The choice then becomes to let the sender pick a digest
> > the recipient can't handle, or... don't sign at all.
>
> Maybe a "bahaviour_on_digestdowngrade = _accept_ | warn | abort" option? Or
> make people add the sha1 fallback to the allowed algos if they dont want the
> warning...
It's not a question about having people allow SHA1. The algorithm
itself cannot function with SHA1. SHA1 is unusable in DSA2.
David
More information about the Gnupg-devel
mailing list