gpg rejects SHA224 with DSA-2048
Kevin Kammer
mephisto at fastmail.net
Mon Nov 9 05:26:43 CET 2009
On Sun, Nov 08, 2009 at 11:11:01PM -0500
Also sprach Robert J. Hansen:
> Kevin Kammer wrote:
> > Unless there is some inescapable constraint on the size of one's
> > signature, I am hard pressed to think of a reason for using SHA224 when
> > SHA256 is available.
>
> Conformance with corporate IT policies. Many corporate IT policies are
> drafted by people who don't really understand the underlying
> technologies. They see the NIST drafts and say "ah, 224-bit hashes are
> to be used with DSA-2048," and proceed to require SHA224 to be used with
> DSA-2048.
>
Ah yes... corporate policy. How could I forget?
Having deployed PKI while I was in the military, I can certainly
sympathise with you regarding a large organization rigorously adhering
to policy, regardless of how much or little sense it makes.
The bright side is, the same documents which say SHA224 can be used with
DSA-2048 also permit SHA256. If anyone sets policy based on, say,
FIPS186, you can always cite that part.
-Kevin
--
"Le hasard favorise l'esprit préparé."
--Louis Pasteur