why is SHA1 used? How do I get SHA256 to be used?

Laurent Jumet laurent.jumet at skynet.be
Tue Jul 10 07:59:56 CEST 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160


Hello Robert !

"Robert J. Hansen" <rjh at sixdemonbag.org> wrote:

>> I think that by default, --gnupg is in use; --gnupg means --openpgp
>> This means strict OpenPGP behaviour: MD5, SHA1, RIPEMD160

> Nope.

>> Try using "--digest-algo SHA256" in the command line or GPG.CONF;
>> may be you'll need to suppress "--personal-digest-preferences" from
>> GPG.CONF (I don't know).

> I feel like I've said this several times in the past few months.  Let me
> say it one more time, loudly:

> DON'T USE --cipher-algo OR --digest-algo UNLESS YOU KNOW EXACTLY WHAT
> YOU'RE DOING AND WHY.  IT'S EASY TO CREATE MESSAGES YOUR RECIPIENT
> CANNOT READ.  USE THE --personal-X-preferences INSTEAD.

    The question was: why does GPG uses another preference that the primary 
one?
    I've the same problem, this ClearSign message is in RIPEMD160 despite it's 
not the first choice, and obviously there is no receipient here.

- -- 
Laurent Jumet
      KeyID: 0xCFAF704C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (MingW32)

iHEEAREDADEFAk/7xaYqGGh0dHA6Ly93d3cucG9pbnRkZWNoYXQubmV0LzB4Q0ZB
RjcwNEMuYXNjAAoJEPUdbaDPr3BMvUMAoJo9kNtbXW39GOHMSmB8EMaDHu9DAKCw
q2MNfcNyx5aLv/titlDxloqy2g==
=1mFk
-----END PGP SIGNATURE-----



More information about the Gnupg-users mailing list