[PATCH] default-preference-list: prefer SHA512.
Werner Koch
wk at gnupg.org
Wed Nov 15 20:52:08 CET 2017
On Thu, 28 Sep 2017 14:32, dkg at fifthhorseman.net said:
> Specifically, this changes --default-preference-list from:
>
> SHA256 SHA384 SHA512 SHA224
>
> to:
>
> SHA512 SHA384 SHA256 SHA224
Given that these are only preferences I don't see a reason to object
against swapping SHA256 with SHA512.
In general I would like to get rid of SHA224 and SHA384 because I can't
see any advantage in using them or _announcing_ that they are supported:
Both are truncated version of the other algos using a different IV.
They are similar like AES192 which is also rarely used. Note that gpg
will in any case _support_ all 4 algos.
However, dropping them 2.2 would not be good. Thus my suggestion for
2.2 would be:
SHA512 SHA256 SHA384 SHA224
and for 2.3:
SHA512 SHA256
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20171115/b7af4b0e/attachment.sig>
More information about the Gnupg-devel
mailing list