So on & so forth
Hauke Laging
mailinglisten at hauke-laging.de
Tue Aug 19 21:40:59 CEST 2014
Am Di 19.08.2014, 14:49:37 schrieb Robert J. Hansen:
> > 2. They have a default skeleton gpg.conf with incompatible digest
> > algo etc. (as discussed many times on the list).
>
> Use of cert-digest-algo isn't really a problem unless you're needing
> people running old PGP or GnuPG to be able to verify your signatures.
> That's less of a problem than using digest-algo, which can easily
> produce message traffic your correspondents can't read.
Without additional assumptions this is wrong for the simple reason that
cert-digest-algo renders the self-signatures unreadable, too. A
certificate with (valid) self-signatures using an incompatible digest is
completely useless to the other party.
Hauke
--
Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/
http://userbase.kde.org/Concepts/OpenPGP_Help_Spread
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140819/34e2e7ae/attachment.sig>
More information about the Gnupg-users
mailing list