[PATCH] default-preference-list: prefer SHA512.
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Sat Nov 18 01:11:49 CET 2017
On Wed 2017-11-15 20:52:08 +0100, Werner Koch wrote:
> On Thu, 28 Sep 2017 14:32, dkg at fifthhorseman.net said:
>> Specifically, this changes --default-preference-list from:
>> SHA256 SHA384 SHA512 SHA224
>> to:
>> SHA512 SHA384 SHA256 SHA224
> Given that these are only preferences, I don't see a reason to object
> to swapping SHA256 with SHA512.
great! should i merge the patch then on master and STABLE-BRANCH-2-2,
or will you do it?
> In general I would like to get rid of SHA224 and SHA384 because I can't
> see any advantage in using them or _announcing_ that they are supported:
> Both are truncated versions of the other algos using a different IV.
> They are similar to AES192, which is also rarely used. Note that gpg
> will in any case _support_ all 4 algos.
> However, dropping them in 2.2 would not be good. Thus my suggestion for
> 2.2 would be:
> SHA512 SHA256 SHA384 SHA224
> and for 2.3:
> SHA512 SHA256
If you'd like to have a separate discussion about dropping SHA224 and
SHA384 for 2.3, i have no objections -- i've never seen those used in
the wild, so discouraging their use further doesn't seem like a problem