Are DSA2 signing keys backwards compatible?
Kevin Hilton
kevhilton at gmail.com
Mon Feb 11 03:30:24 CET 2008
Just to clarify for some other users,
What version of GnuPG were the DSA2 keys (or longer DSA signing keys)
and the additional SHA hashes introduced?
A little of topic, but I'm predicting a future foreseeable bump in the
road when the Secure Hash Standard is named in 2011 (or whenever the
recent NIST hash analysis is concluded). I guess however the
personal-hash-preferences would bypass this problem and default to
SHA1 if a new hash (or series of new hashes) is introduced.
Hopefully md5 support is abandoned, however I guess for historical
purposes this would be unlikely to happen.
Even more challenging will be when longer DSA keys become the de-facto
standard. I would guess there is not any similar workaround. I guess
users of older GnuPG versions would simply have to upgrade.
More information about the Gnupg-users
mailing list