SHA1 being used despite public key preferences

Robert J. Hansen rjh at
Wed Oct 20 21:33:27 CEST 2010

On 10/20/2010 3:08 PM, smu johnson wrote:
> Sure, this is confusing, but since experts such as Bruce Schneier
> say to quit using SHA-1...

I like Bruce, and I think he does good work -- but appealing to
authority here is simply a non-starter.

In real-world systems you can't simply stop using an algorithm cold and
start using something new.  The overwhelming majority of times you have
to establish a migration path to allow the system to continue operating
as new capabilities are added to it and old capabilities removed.

This process can take decades.  Consider, e.g., that MD5 is still
supported in GnuPG today -- it's hard for me to think of a hash
algorithm more deprecated than MD5 (maybe, what, MD2, MD4?), but we've
still got to support MD5.  Maybe someday we can remove MD5 support
altogether, but that won't be happening for a while yet.

> This is my favourite solution.  This way, I won't have to ask every 
> single newcomer to GnuPG sending me signed messages to request my key
> prefs for digest algorithms.

Why should your preferences affect what algorithms they elect to use for
their signatures?  That would be like telling me, "Rob, I like
WHIRLPOOL.  Therefore, use WHIRLPOOL when signing data."  To heck
with that: I'm going to use SHA256, or whatever algorithm I like.

More information about the Gnupg-devel mailing list