cert-digest-algo clarification
David Shaw
dshaw at jabberwocky.com
Wed Jul 11 19:28:12 CEST 2012
On Jul 11, 2012, at 1:06 PM, Sam Smith wrote:
> To make sure I understand correctly:
>
> 1) cert-digest-algo SHA256 = will use SHA256 to sign KEYS with regardless of what preferences the key holder has stipulated
>
> 2) digest-algo SHA256 = will use SHA256 to sign MESSAGES with regardless of what preferences the recipient of the message has stipulated
>
> Do I understand these commands correctly?
Not exactly. For signing keys (#1), there are no preferences, so there is nothing to override. It's just whatever you set cert-digest-algo to. Note, though, that this includes signing your own key, so if you make a subkey or add a user ID, the binding signature will also use that digest. For #2, you do understand correctly.
David
More information about the Gnupg-users
mailing list