Nullify's GnuPG 1.0.7 Release 2

Keith Ray
Fri May 3 17:34:01 2002

Hash: SHA1

Quoting Werner Koch <>:

> On Thu,  2 May 2002 16:45:38 -0500, Keith Ray said:
> > * SHA-2 Clearsignature - allows clearsigned messages with SHA-2
> There is no other implementation using SHA-256, so you using this you
> will only foster interoperabilty problems.  There is a reason that we
> changed the default algorithms used by GnuPG to those which are not
> marked as OPTIONAL in rfc2440. 
> >   - Enables GPG to generate RSA v3 keys
> As already said, v3 keys do have minor security problems.
> >   - Enables GPG to generate RSA v4 sign and encrypt keys
> One should not use the same key for signing and encryption.

Nothing in the Nullify release forces the user to do any of these
things.  In fact, they would have to go out of their way to do so. 
Since SHA-256/384/512 is not the default hash, a user would have to
explicitly change their algorithm preferences after key creation or
force its use on the command line.  Generating RSA v3 keys or RSA v4
sign+encrypt keys can only be done with the --expert option.  The reason
I created the Nullify release was to give the USER the option to use the
algorithms and features he/she wants.

  -- Keith

Version: GnuPG v1.0.7 (MingW32) - GPGshell v2.28