Am Di 19.08.2014, 14:49:37 schrieb Robert J. Hansen: > > 2. They have a default skeleton gpg.conf with incompatible digest > > algo etc. (as discussed many times on the list). > > Use of cert-digest-algo isn't really a problem unless you're needing > people running old PGP or GnuPG to be able to verify your signatures. > That's less of a problem than using digest-algo, which can easily > produce message traffic your correspondents can't read.
Without additional assumptions this is wrong for the simple reason that cert-digest-algo renders the self-signatures unreadable, too. A certificate with (valid) self-signatures using an incompatible digest is completely useless to the other party. Hauke -- Crypto für alle: http://www.openpgp-schulungen.de/fuer/unterstuetzer/ http://userbase.kde.org/Concepts/OpenPGP_Help_Spread OpenPGP: 7D82 FB9F D25A 2CE4 5241 6C37 BF4B 8EEF 1A57 1DF5
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
