Hash preferences (was: test)
David Shaw
dshaw@jabberwocky.com
Mon Jun 23 01:55:27 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, Jun 22, 2003 at 10:40:53AM -0400, FRANK D. HUBENY wrote:
>
> Hello Group;
>
> I am haveing problems changeing my keys preferrances. I have this line
> uncommented prior to generating a key.
>
> " # default-preference-list S3 H3 "
>
> I then generate a " Test " key useing the defaults from the menue.
> After generateing the key I go back and recomment the above option.
>
> When I chose this key to use for either encrypting and signing a file.
> Or to clearsign a text file I find that my signature perfaerance is not
> being used by thr key. My encryption preferance CAST5 is used. But my
> signature preferance RIPEMD160 is not being used, SHA1 is always use.
For various reasons, GnuPG by default has a personal-digest-preference
of SHA1 set, and that is overriding your key preferences. If you want
the key preferences to be followed, you need to put:
personal-digest-preferences ""
in your gpg.conf file.
Note that when encrypting and signing to multiple keys, the digest
algorithm chosen needs to be agreed on by all keys, and since (by
definition) the only digest algorithm that all keys can agree on is
SHA1, it may be being chosen for that reason.
Note also that the digest preferences in the key won't be followed if
they don't make sense. DSA requires a 160-bit hash, and so if the key
digest preference requests something else, GnuPG naturally won't
(can't) follow that.
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3rc1 (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc
iD8DBQE+9jhZ4mZch0nhy8kRAqRlAJ48Wl/aoAuFO0bEbiX2LfgvapRYLQCfdIDX
1uB8+N/p1Ga3oE90/TMd+qQ=
=JGFA
-----END PGP SIGNATURE-----