So on & so forth

Hauke Laging mailinglisten at
Tue Aug 19 21:40:59 CEST 2014

Am Di 19.08.2014, 14:49:37 schrieb Robert J. Hansen:
> > 2. They have a default skeleton gpg.conf with incompatible digest
> > algo etc. (as discussed many times on the list).
> Use of cert-digest-algo isn't really a problem unless you're needing
> people running old PGP or GnuPG to be able to verify your signatures.
> That's less of a problem than using digest-algo, which can easily
> produce message traffic your correspondents can't read.

Without additional assumptions this is wrong for the simple reason that 
cert-digest-algo renders the self-signatures unreadable, too. A 
certificate with (valid) self-signatures using an incompatible digest is 
completely useless to the other party.

Crypto für alle:
OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20140819/34e2e7ae/attachment.sig>

More information about the Gnupg-users mailing list