Nullify's GnuPG 1.0.7 Release 2
Werner Koch
wk@gnupg.org
Fri May 3 08:35:01 2002
On Thu, 2 May 2002 16:45:38 -0500, Keith Ray said:
> * SHA-2 Clearsignature - allows clearsigned messages with SHA-2
There is no other implementation using SHA-256, so you using this you
will only foster interoperabilty problems. There is a reason that we
changed the default algorithms used by GnuPG to those which are not
marked as OPTIONAL in rfc2440.
GnuPG 1.1 will have a SHA-256ff but won't use it by default to
generate messages.
> - Enables GPG to generate RSA v3 keys
As already said, v3 keys do have minor security problems.
> - Enables GPG to generate RSA v4 sign and encrypt keys
One should not use the same key for signing and encryption.
Werner