SHA-1 recommendations

Robert J. Hansen rjh at
Tue May 19 00:37:07 CEST 2009

Daniel Kahn Gillmor wrote:
> additional formal document.  And i do think that gpg should change the
> default preference list to be (for digests only -- i haven't looked
> into ciphers enough to make a reasonable estimation):
>   SHA512 SHA384 SHA256 SHA224 RIPEMD160 SHA1

I would be opposed to this, mostly for interop reasons.  SHA256 is much
more prevalent than SHA512 or SHA384.

That said, it's pretty mild opposition: if the other guy doesn't
advertise SHA512, it won't be used.

