DSA2 default status

David Shaw dshaw at jabberwocky.com
Wed Nov 18 20:02:08 CET 2009


On Nov 18, 2009, at 1:50 PM, Robert J. Hansen wrote:

> David Shaw wrote:
>> Thoughts?
> 
> Depending on how soon the V5 key spec is ready, we may want to fold
> everything in all at once.  Changing defaults isn't a big deal, but it
> tends to get pushback from users who seem to think their old keys are
> somehow broken or defective (since otherwise, "they wouldn't have
> changed the defaults").

I think we've already paid the user-confusion bill when we made the switch from DSA to RSA.

> If V5 is going to be more than six months or so, though, then I think
> enabling DSA2 by default should be done now.

V5 is nowhere near 6 months away.  I'd be shocked if it happened before 2011.  There just isn't much to talk about for V5 until SHA-3, and even the preliminary results for that aren't due until 2010.

David




More information about the Gnupg-devel mailing list