please give us safer defaults for gnupg

Werner Koch wk at
Mon Dec 16 20:42:54 CET 2013

On Mon, 16 Dec 2013 18:37, adrelanos at said:

> [This was originally planed as an open letter, but I thought it might
> be better to hear your arguments beforehand.]

May I suggest to read the archives of just a few weeks to collect the
reasons why suggestions of using SHA-512 are missing the point.  Some
folks here must have bleeding fingertips from repeating the arguments
over and over.

Having said this, I like to appreciate that you have such a trust in us
GnuPG hackers in that our coding practice and development environment is
bug free at a level that only cracking algorithms is the danger to your
data.  I think Adi Shamir was it who said: "Nobody breaks crypto
algorithms; they work around the crypto".



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gnupg-users mailing list