Make --enable-dsa2 the default?
lion at lion.leolix.org
Sun May 17 15:38:32 CEST 2009
On Sun, 2009-05-17 at 14:07 +0200, Werner Koch wrote:
> Now that GnuPG key generation defaults to RSA keys, we may want to make
> the option --enable-dsa2 the default. The man page currently reads:
> Folks not using the default parameters for a new key can be expected to
> know what they are doing and thus --enable-dsa2 should not get into
> their way. There will be warning anyway.
wouldn't that also change the behavor on old 1024 bit DSA keys? If I
upgrade to a newer GnuPG and have for example set SHA256 as default (for
example with a RSA signing subkey) digest wouldn't that result the
SHA256 cert sigs as well with all known problems?
(Rah of PH2)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 482 bytes
Desc: This is a digitally signed message part
More information about the Gnupg-devel