SHA-1 recommendations
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue May 19 06:59:29 CEST 2009
On 05/18/2009 09:49 PM, David Shaw wrote:
> On May 18, 2009, at 8:55 PM, Robert J. Hansen wrote:
>> As I understood the proposal, even if a user put SHA-1 at the top of
>> their preflist, we should consider it to be dropped to the bottom. That
>> would necessitate some changing to the code. Of course, it's possible
>> that I'm misunderstanding either or both of the proposal and the
>> code. :)
>
> Ah. I thought Daniel was proposing that we just change the default hash
> preferences on new keys to something that puts SHA-2 before SHA-1.
> Possibly I missed a message somewhere. I didn't see the other proposal.
All i had proposed in this particular point was changing the value of
default-preference-list to:
SHA512 SHA384 SHA256 SHA224 RIPEMD160 SHA1
I'm *not* proposing any other changes to default-preference-list.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20090519/e3fd75af/attachment.pgp>
More information about the Gnupg-devel
mailing list