Is it possible to sign a message with multiple digest algorithms?
pete at heypete.com
Sat Sep 6 23:40:03 CEST 2014
Is it possible to sign a message (or certify a key) with multiple digest
For example, one might wish to sign a message with both SHA256 and
If so, how would one go about doing this?
I would imagine that, if possible, the command would be similar to "gpg
--armor --digest-algo SHA256 RIPEMD160 --clearsign" but this fails.
If it is possible, how does GPG handle multiple signatures? That is, is
it required that all signatures must be valid for the message to be
considered valid, or is the message considered valid so long as one (out
of many) signatures is valid?
The former behavior would be useful to ensure message long-term message
integrity, in case one of the digest algorithms were found to be weak.
The latter behavior would be useful when using digest algorithms without
wide support (e.g. one might use SHA1 and SHA512, so as to support older
clients while providing greater security for modern ones).
More information about the Gnupg-users