Signature has algorithms
topas.org at web.de
Thu Dec 8 11:47:42 CET 2005
I've seen that one can use different hash algorithms for creating
signatures. The default is SHA-1 I think, but (and correct me if I'm
wrong) SHA-512 (or even the "smaller" ones) should be more secure.
Ok,.. I've seen that one is able to change the used algorithm with the
"--cert-digest-algo" option. For the primary key I could do the following:
1) Set the new algo (gpg.conf or command line).
2) Edit the key.
2a) Set prefered key server URL.
2b) Set some other settings from the primary key self-signature.
2c) Set prefered algorithms.
3) Delete every new self-signature except the last one (which shuld
contain all the new settings with the new hash algorithm). (Is this
possible/resonable, to delete the others?)
4) Save the key and be happy.
But what can I do with the self-sigs from my existing keys? How can I
recreate them (with the new hash algorithm).
Thanks in advance.
More information about the Gnupg-users