Is it possible to sign a message with multiple digest algorithms?

Pete Stephenson pete at
Sat Sep 6 23:40:03 CEST 2014

Hi all,

Is it possible to sign a message (or certify a key) with multiple digest

For example, one might wish to sign a message with both SHA256 and

If so, how would one go about doing this?

I would imagine that, if possible, the command would be similar to "gpg
--armor --digest-algo SHA256 RIPEMD160 --clearsign" but this fails.

If it is possible, how does GPG handle multiple signatures? That is, is
it required that all signatures must be valid for the message to be
considered valid, or is the message considered valid so long as one (out
of many) signatures is valid?

The former behavior would be useful to ensure message long-term message
integrity, in case one of the digest algorithms were found to be weak.
The latter behavior would be useful when using digest algorithms without
wide support (e.g. one might use SHA1 and SHA512, so as to support older
clients while providing greater security for modern ones).


More information about the Gnupg-users mailing list