the best signature type someone can give me
David Shaw
dshaw at jabberwocky.com
Tue Nov 1 17:06:51 CET 2005
On Tue, Nov 01, 2005 at 02:39:14PM +0100, Christoph Anton Mitterer wrote:
> David Shaw wrote:
>
> >>If so,... should I (for security/cryptography reasons) ask users to sign
> >>my key only with SHA512 (or whatever is considered as the currently
> >>strongest hash)? And/or should I sign others UIDs only with SHA512 (..) ?
> >>
> >>
> >This is up to you, but note that most OpenPGP programs don't support
> >SHA512 yet. Also note that most people have a DSA primary key and
> >thus can't use any hash larger than 160 bits.
> >
> >
> Uhm,... perhaps a stupid question,.. but:
> If DSA keys are 1024 bit large,... why is this only enought for 160 bit
> hashes?
The question is based on a misunderstanding. The hash size and key
size are not a 1:1 relation.
David
More information about the Gnupg-users
mailing list