On Tue, Jan 29, 2013 at 06:36:25PM -0600, John Clizbe wrote: > ved...@nym.hush.com wrote: > > if so, would this fall under the open-pgp RFC, or would it have to go > > through an > > RSA standard first? > > RFC 4880 makes no mention of OAEP. RFC 4880 references RFC 3447 for details of > RSA implementation. > > So, from what I can tell, RSA standard first, then OpenPGP by incorporating > the new RSA standard. THEN, Gnupg.
Although it is the default, RFC 3447 is not restricted to SHA-1. Appendix B actually states: "For the RSAES-OAEP encryption scheme and EMSA-PSS encoding method, only SHA-1 and SHA-256/384/512 are recommended." _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users