On Oct 7, 2013, at 6:52 AM, Santiago Vila <sanv...@unex.es> wrote: > Package: gnupg > Version: 1.4.12-7+deb7u1 > > My current GPG key was created in 2009 and very shortly afterwards I > changed the digest preferences as explained here: > > http://www.debian-administration.org/users/dkg/weblog/48 > > and reuploaded the key to the keyservers with the new preferences, namely: > > Digest: SHA512, SHA384, SHA256, SHA224, SHA1 > > Now, if I create a test user in my system, generate a test GPG key > and try to download my key from the keyservers and sign it, I see that > it's still signed using SHA-1:
If I understand properly what you're doing, this is not a bug. The person issuing a signature is ultimately in charge to select the digest when they make the signature. While you can set a digest preference on a key, it is merely a request for people making a signature for your benefit to use a digest that you like. In GnuPG, the digest preference is consulted only for data signatures, not key signatures. David -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
