updating default digest preferences

Werner Koch wk at gnupg.org
Thu Jul 9 09:45:23 CEST 2009

On Mon,  6 Jul 2009 23:52, dkg at fifthhorseman.net said:

> with new versions of gpg pending, is there any chance of getting the
> default key preferences updated, as referenced here:

Done a bit different for 2.0; the default hash algo order is now:

      SHA-256, SHA-1, SHA-384, SHA-512, SHA-224.

Ordering SHA-1 before SHA-384 might be viewed as a bit strange; it is
done because we expect that soon enough SHA-3 will be available and at
that point there should be no more need for SHA-384 etc.  Anyway this
order is just a default and can easily be changed by a config option.

I also changed the Q parameter for 2048 bit DSA keys: Is is now 256 so
that a full SHA-256 is used and people won't wonder whether SHA-224 or a
truncated SHA-256 will be used.  

In non-expert mode DSA-2 keys are rounded towards a multiple of 1024.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-devel mailing list