cert-digest-algo clarification
Sam Smith
smickson at hotmail.com
Thu Jul 12 14:41:49 CEST 2012
regarding #1: you said there are no preferences. Assuming I don't set cert-digest-algo, what is the HASH that is used to sign keys with?
> Subject: Re: cert-digest-algo clarification
> From: dshaw at jabberwocky.com
> Date: Wed, 11 Jul 2012 13:28:12 -0400
> CC: gnupg-users at gnupg.org
> To: smickson at hotmail.com
>
> On Jul 11, 2012, at 1:06 PM, Sam Smith wrote:
>
> > To make sure I understand correctly:
> >
> > 1) cert-digest-algo SHA256 = will use SHA256 to sign KEYS with regardless of what preferences the key holder has stipulated
> >
> > 2) digest-algo SHA256 = will use SHA256 to sign MESSAGES with regardless of what preferences the recipient of the message has stipulated
> >
> > Do I understand these commands correctly?
>
> Not exactly. For signing keys (#1), there are no preferences, so there is nothing to override. It's just whatever you set cert-digest-algo to. Note, though, that this includes signing your own key, so if you make a subkey or add a user ID, the binding signature will also use that digest. For #2, you do understand correctly.
>
> David
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20120712/e9ffb0cf/attachment.htm>
More information about the Gnupg-users
mailing list