SHA-1 recommendations
Robert J. Hansen
rjh at sixdemonbag.org
Tue May 19 00:37:07 CEST 2009
Daniel Kahn Gillmor wrote:
> additional formal document. And i do think that gpg should change the
> default preference list to be (for digests only -- i'm haven't looked
> into ciphers enough to make a reasonable estimation):
>
> SHA512 SHA384 SHA256 SHA224 RIPEMD160 SHA1
I would be opposed to this, mostly for interop reasons. SHA256 is much
more prevalent than SHA512 or SHA384.
That said, it's pretty mild opposition: if the other guy doesn't
advertise SHA512, it won't be used.
More information about the Gnupg-devel
mailing list