Hash algo for signing - documentation

Nicholas Cole nicholas.cole at gmail.com
Tue Sep 15 15:42:20 CEST 2009

Hi all.  This is a query mostly for my own interest, but I think it
might point to a change in the documentation being required.

I was slightly confused by this message


David suggests (as I read it) that an RSA key created with
--cert-digest-algo sha256  will continue to use sha256 whenever it
signs keys, whereas the documentation implies that you would have to
specify --cert-digest-algo every time a key is signed.  How does an
RSA key choose a hash algorithm for this purpose?

It might also be worth noting that (if I read
correctly) this option does not control what DSA2 keys use.

Or have I misunderstood?

Best wishes,


More information about the Gnupg-users mailing list