please change the default hashing algorithm

Ben McGinnes ben at adversary.org
Tue Jul 14 21:51:03 CEST 2015


On 15/07/2015 4:09 am, Robert J. Hansen wrote:
>> That can be fixed with the digest preferences.
> 
> Speaking of, what *are* the current default preference lists, as of
> GnuPG 2.1.6?  It's been quite some time since I've looked at them, and I
> suspect they may have changed.

Good question ...

I checked, they're still pretty lame with the default RSA key type:

     Cipher: AES256, AES192, AES, 3DES
     Digest: SHA256, SHA384, SHA512, SHA224, SHA1
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify

And the same is true of ECC:

pub  brainpoolP512r1/A675A51E
     created: 2015-07-14  expires: never       usage: SC
     trust: ultimate      validity: ultimate
sub  brainpoolP512r1/4CB4C289
     created: 2015-07-14  expires: never       usage: E
[ultimate] (1). Benny (have you seen my jets?) <ben at example.net>

gpg> showpref
[ultimate] (1). Benny (have you seen my jets?) <ben at example.net>
     Cipher: AES256, AES192, AES, 3DES
     Digest: SHA256, SHA384, SHA512, SHA224, SHA1
     Compression: ZLIB, BZIP2, ZIP, Uncompressed
     Features: MDC, Keyserver no-modify


Regards,
Ben

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150715/a82f987b/attachment-0001.sig>


More information about the Gnupg-devel mailing list