ietf-openpgp
[Top] [All Lists]

Re: Changing GPG's default key type

2009-05-04 14:24:04

On May 4, 2009, at 1:28 PM, Christoph Anton Mitterer wrote:

On Mon, 2009-05-04 at 10:40 -0400, David Shaw wrote:
We are currently thinking about changing the default
primary to a 2048-bit RSA key.
Nice :-)

We are not proposing changing our default
signing hash, which will remain SHA-1.
Uhm.. why not?

Concerns about compatibility, mainly. There is a much larger installed base of clients that understand SHA-1 than that understand (say) SHA-256. SHA-256 has only been understood in a non-development version of GPG since 2004. If I recall properly, PGP added it more or less around the same time. That's not that long ago, and I frequently see people asking for support for some version of GPG or PGP that predates SHA-256.

Mind you, we're not stopping people from choosing to use SHA-256 or whatever they like, and with a RSA key, they are of course free to choose anything. SHA-1 is just a default. One way to look at the RSA change, in fact, is to enable users to make their own hash choice, which they didn't really have with the previous default of a 1024-bit DSA key (so locked at 160 bits).

None of this means that we wouldn't change the default signing hash at some point later. It's just not something we're currently planning on for today.

David

<Prev in Thread] Current Thread [Next in Thread>