On 03/16/2010 10:02 AM, Grant Olson wrote: > A while ago I stumbled onto instructions to up my prefs to use a better > hash than SHA1: > > http://www.debian-administration.org/users/dkg/weblog/48
Hi Grant, i'm the author of that post.
> Today I was surfing around, and saw some relatively recent posts on the
> list that said setting "digest-algo" in gpg.conf was a Bad Idea(tm). I
> didn't find any threads on setting "cert-digest-algo", but the manpage
> notes that this can cause interoperability issues.
>
> So is setting "cert-digest-algo SHA256" okay, or is it going to cause
I've used cert-digest-algo SHA512 (even more likely to cause interop
problems than SHA256) ever since i wrote that post, and i have gotten no
complaints at all about my certifications being unusable.
this may have something to do with who i interact with, though (mostly
other free software folks); you might have a different experience if
you have contacts who are locked into ancient software for one reason or
another.
I think that SHA256 should be pretty unobjectionable these days.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
