gpg rejects SHA224 with DSA-2048

Robert J. Hansen rjh at
Mon Nov 9 05:11:01 CET 2009

Kevin Kammer wrote:
> Unless there is some inescapable constraint on the size of one's
> signature, I am hard pressed to think of a reason for using SHA224 when
> SHA256 is available.

Conformance with corporate IT policies.  Many corporate IT policies are
drafted by people who don't really understand the underlying
technologies.  They see the NIST drafts and say "ah, 224-bit hashes are
to be used with DSA-2048," and proceed to require SHA224 to be used with

More information about the Gnupg-users mailing list