the best signature type someone can give me

David Shaw dshaw at
Tue Nov 1 17:06:51 CET 2005

On Tue, Nov 01, 2005 at 02:39:14PM +0100, Christoph Anton Mitterer wrote:
> David Shaw wrote:
> >>If so,... should I (for security/cryptography reasons) ask users to sign 
> >>my key only with SHA512 (or whatever is considered as the currently 
> >>strongest hash)? And/or should I sign others UIDs only with SHA512 (..) ?
> >>   
> >>
> >This is up to you, but note that most OpenPGP programs don't support
> >SHA512 yet.  Also note that most people have a DSA primary key and
> >thus can't use any hash larger than 160 bits.
> > 
> >
> Uhm,... perhaps a stupid question,.. but:
> If DSA keys are 1024 bit large,... why is this only enought for 160 bit 
> hashes?

The question is based on a misunderstanding.  The hash size and key
size are not a 1:1 relation.


More information about the Gnupg-users mailing list