Encryption algorithm compatibility

Occasional Contributor


In VS when I "Create App Packages" one of the options is "Encryption algorithm". 


All documentation I've seen uses SHA256. Presumably the other options (SHA512 and SHA384) have less compatibility with older versions of Windows? Or a speed difference? I could not find any documentation on which to use.


So, why should or shouldn't I use SHA512? SHA512 is generally more secure than the others, right?






(On a side note, in case someone agrees: One of the 'simple' things MS could do to ease developer signing of msix would be default to a MS hosted timestamp server.)


2 Replies
Both appx framework and signing support sha384 and sha512 also. But sha256 is the default in a lot of tools starting from Windows 8. You could use any of these algorithms.

Hmm, ok. Thank you for the reply. But if there is no reason to change this from the default SHA-256, may I then suggest that you remove that option from the VS publish dialog?