gpg rejects SHA224 with DSA-2048

Robert J. Hansen rjh at sixdemonbag.org
Mon Nov 9 05:11:01 CET 2009


Kevin Kammer wrote:
> Unless there is some inescapable constraint on the size of one's
> signature, I am hard pressed to think of a reason for using SHA224 when
> SHA256 is available.

Conformance with corporate IT policies.  Many corporate IT policies are
drafted by people who don't really understand the underlying
technologies.  They see the NIST drafts and say "ah, 224-bit hashes are
to be used with DSA-2048," and proceed to require SHA224 to be used with
DSA-2048.





More information about the Gnupg-users mailing list