Make --enable-dsa2 the default?

Werner Koch wk at
Sun May 17 14:07:59 CEST 2009


Now that GnuPG key generation defaults to RSA keys, we may want to make
the option --enable-dsa2 the default.  The man page currently reads:

  @item --enable-dsa2
  @itemx --disable-dsa2
  Enables new-style DSA keys which (unlike the old style) may be larger
  than 1024 bit and use hashes other than SHA-1 and RIPEMD/160. Note
  that very few programs currently support these keys and signatures
  from them.
Folks not using the default parameters for a new key can be expected to
know what they are doing and thus --enable-dsa2 should not get into
their way.  There will be warning anyway.




Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-devel mailing list