DSA2 and recipient preferences
dshaw at jabberwocky.com
Sun Jun 11 14:55:04 CEST 2006
On Tue, Jun 06, 2006 at 02:20:30AM +0200, Bernd Eckenfels wrote:
> On Sat, Jun 03, 2006 at 06:00:23PM -0400, David Shaw wrote:
> > With DSA2, the recipient may not have *any* of the digests needed by
> > the sender. The choice then becomes to let the sender pick a digest
> > the recipient can't handle, or... don't sign at all.
> Maybe a "bahaviour_on_digestdowngrade = _accept_ | warn | abort" option? Or
> make people add the sha1 fallback to the allowed algos if they dont want the
It's not a question about having people allow SHA1. The algorithm
itself cannot function with SHA1. SHA1 is unusable in DSA2.
More information about the Gnupg-devel