Should I set cert-digest-algo?

David Shaw dshaw at
Tue Mar 16 16:18:03 CET 2010

On Mar 16, 2010, at 10:02 AM, Grant Olson wrote:

> A while ago I stumbled onto instructions to up my prefs to use a better
> hash than SHA1:
> Today I was surfing around, and saw some relatively recent posts on the
> list that said setting "digest-algo" in gpg.conf was a Bad Idea(tm).  I
> didn't find any threads on setting "cert-digest-algo", but the manpage
> notes that this can cause interoperability issues.
> So is setting "cert-digest-algo SHA256" okay, or is it going to cause
> problems?

It depends on who you are communicating with.  If they're using a fairly recent version of GnuPG or PGP, then it's fine.  If there is someone using old software in the mix, then you'll be preventing them from using your key and any signatures you make.


More information about the Gnupg-users mailing list