digest preferences [was: Re: diverging from upstream defaults]

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Sep 13 17:25:24 CEST 2017

now cc'ing and setting M-F-T to gnupg-devel, since this is now a
discussion about changes to GnuPG upstream; for those just joining the
thread, see the background here:


On Fri 2017-09-08 15:19:40 -0400, Daniel Kahn Gillmor wrote:
> Werner Koch wrote:
>>> SHA-256 vs: SHA-512: There has been a heated debate in the OpenPGP WG on
>> [...]
>>> devices (IoT), who would be the most likely use case for curve 25519, so
>>> i have a hard time imagining who we're protecting with this, though.
>> Indeed that is a problem with ed25519 - but at least they can use cv25519.
>> To avoid source code changes, would a configure option be useful to
>> switch the preferences?
> that'd be great, but there are two different decisions here:
>  a) DEFAULT_DIGEST_ALGO (--cert-digest-algo and --digest-algo both
>     inherit it by default) -- should it be SHA256 or SHA512?
>  b) order of the default preferences embedded in OpenPGP certificates
>     (should it go "SHA512,SHA384,SHA256" or "SHA256,SHA384,SHA512"?)

I'd like to take these two questions separately, and see whether we can
answer them separately first.

I'll start with (b) in this e-mail, in particular with

--default-preference-list indicates what algorithms to advertise in a
newly-generated key.  For most modern 64-bit computers, sha-512 is
faster to compute at any reasonable size, so it looks to me like the
published preference order should be changed to indicate a preference
for SHA512 by default.  People with special hardware or custom needs can
always edit their configuration.

Can we get consensus on this change, if its implementation has no effect
on --personal-digest-preferences, --digest-algo, or --cert-digest-algo?
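
The ordering question in (b), shown as an added example that is not part of the original message and is not GnuPG's code: the advertised digest preferences are carried in the certificate as an ordered "preferred hash algorithms" signature subpacket (RFC 4880, section 5.2.3.8, type 21), most preferred first. The function names are hypothetical, and first_supported() is a simplified selection rule assumed for illustration only.

```python
# Added example: encoding and decoding the ordered digest preference list
# of an OpenPGP certificate (RFC 4880 section 5.2.3.8, subpacket type 21).
HASH_IDS = {"MD5": 1, "SHA1": 2, "RIPEMD160": 3, "SHA256": 8,
            "SHA384": 9, "SHA512": 10, "SHA224": 11}  # RFC 4880 section 9.4
HASH_NAMES = {v: k for k, v in HASH_IDS.items()}
PREF_HASH_SUBPACKET = 21


def encode_hash_prefs(names):
    """Build the subpacket: length octet, type octet, one octet per digest."""
    body = bytes(HASH_IDS[n.strip().upper()] for n in names.split(","))
    if len(body) + 1 >= 192:
        raise ValueError("example only handles one-octet subpacket lengths")
    return bytes([len(body) + 1, PREF_HASH_SUBPACKET]) + body


def decode_hash_prefs(subpacket):
    """Return the advertised digests in rank order, most preferred first."""
    if len(subpacket) < 2:
        raise ValueError("truncated subpacket")
    length = subpacket[0]
    sp_type = subpacket[1] & 0x7F  # bit 7 of the type octet is the critical flag
    if length >= 192:
        raise ValueError("example only handles one-octet subpacket lengths")
    if sp_type != PREF_HASH_SUBPACKET:
        raise ValueError("not a preferred hash algorithms subpacket")
    if length != len(subpacket) - 1:
        raise ValueError("length octet does not match subpacket size")
    return [HASH_NAMES.get(b, "unknown(%d)" % b) for b in subpacket[2:]]


def first_supported(subpacket, supported):
    """Simplified rule (assumption): take the highest-ranked supported digest."""
    for name in decode_hash_prefs(subpacket):
        if name in supported:
            return name
    return None


if __name__ == "__main__":
    # The two candidate orders quoted in the message.
    for order in ("SHA512,SHA384,SHA256", "SHA256,SHA384,SHA512"):
        sp = encode_hash_prefs(order)
        print(order, "->", sp.hex(), "->", decode_hash_prefs(sp))
```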

