On May 10, 2010, at 8:23 AM, Harakiri wrote: > Hello, > > the old DSA standard only supported 1024 bit, however the newer with SHA256 > support 2048 and more. > > I tried it with the --genkey command, i tried > > Key-Type: DSA2 > Key-Type: DSA-2 > Key-Type: DSASHA256 > > no dice, how can you generate these kind of keys?
I assume you are doing a --batch key generation (as that is the one that uses a "Key-Type" field). To generate a > 1024 bit DSA key, just generate a regular DSA key and request a Key-Length that is larger than 1024 bits. You need a recent version of GPG (1.4.4 for the 1.x branch), and until the latest release, you had to provide --enable-dsa2 as well. > And, do old gpg versions verify such signatures correctly? Only 1.4.4 and later for the 1.x branch. I don't recall which 2.x version added support. David _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
