GnuPG Defaults

David Shaw dshaw at jabberwocky.com
Wed Sep 17 18:16:40 CEST 2008


On Wed, Sep 17, 2008 at 12:52:08AM -0500, Kevin Hilton wrote:
> > For whatever it's worth, many people within the OpenPGP community would
> > really like to see a lot of algorithms go away.  (E.g., if it were up to
> > me, only DSA, ElG, AES, 3DES, SHA1 and SHA256 would be supported.)  Some
> > people reduce their advertised capabilities in order to encourage moving
> > to a smaller algorithm set.
> >
> 
> Based on the lack of vulnerabilities of those limited set of
> algorithms (excluding SHA1 -- another topic entirely), it would seem
> to be prudent to "refine" the number of acceptable algorithms.  When
> the SHA family is eventually supplanted and Camellia cipher officially
> recognized, I only see this list expanding, not shrinking!

This is up to you.  You can list whatever algorithms you want to
accept on your key.  Your key, your rules.  Someone elses key, someone
elses rules.  OpenPGP will automatically pick an algorithm that is
acceptable to everyone.

David



More information about the Gnupg-users mailing list