Make --enable-dsa2 the default?
Philipp Schafft
lion at lion.leolix.org
Sun May 17 15:38:32 CEST 2009
reflum,
On Sun, 2009-05-17 at 14:07 +0200, Werner Koch wrote:
> Hi!
>
> Now that GnuPG key generation defaults to RSA keys, we may want to make
> the option --enable-dsa2 the default. The man page currently reads:
> [...]
> Folks not using the default parameters for a new key can be expected to
> know what they are doing and thus --enable-dsa2 should not get into
> their way. There will be warning anyway.
>
> Opinions?
wouldn't that also change the behavor on old 1024 bit DSA keys? If I
upgrade to a newer GnuPG and have for example set SHA256 as default (for
example with a RSA signing subkey) digest wouldn't that result the
SHA256 cert sigs as well with all known problems?
--
Philipp.
(Rah of PH2)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: </pipermail/attachments/20090517/3c6a1848/attachment.pgp>
More information about the Gnupg-devel
mailing list