L. Sassaman
Thu, 13 Apr 2000 15:15:45 -0700 (PDT)

Hash: SHA1

On Thu, 13 Apr 2000, L. Sassaman wrote:

> Note, also, that GnuPG does not use DSS by default. The jury is still out
> on the effectiveness of RIPEMD160 in place of SHA-1 when used with DSA. It
> could be just as secure, but "could be's" are not usually something you
> want to mess with in cryptography.
And I meant to continue and say that PGP doesn't recognise signatures made with DSA that don't comply with DSS. Thus, you can use RIPEMD160 with RSA, but if used with DSA (the default in GnuPG) it will result in a "BAD SIG" warning if verified with PGP. - --Len. __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger:// | --Joe Diffie -----BEGIN PGP SIGNATURE----- Comment: For info see iEYEARECAAYFAjj2RxoACgkQPYrxsgmsCmp6OQCeITOp+/qhoDpDarzOtjc2AuzU TKcAn20WZF130X1pdFsBvDvbbwjqhiGS =t+1V -----END PGP SIGNATURE-----