choice of encryption algorithms

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Jun 21 18:39:33 CEST 2012


On 06/21/2012 12:52 AM, Robert J. Hansen wrote:
> Please don't do this.  It's error-prone.  Those are machine-readable
> numbers, not human-readable ones.  Use the human-readable ones: for
> instance,
> 
> default-preference-list TWOFISH 3DES SHA256 SHA224 RIPEMD160

Completely agreed.

> Also, default-preference-list is redundant with the other -preferences.

I don't think this is the case.  default-preference-list describes the
default preferences used for new keys.  That is, for keys created by the
local installation of gpg, the embedded preference list stored in the
self-sig is chosen by this value.

The personal-*-preferences settings, on the other hand, allow the user
of gpg to override the recipient's self-sig's stated preferences,
allowing gpg to use the highest-personally-ranked algorithm that the
recipient has stated that they can handle.

The description in the gpg man page for these options describes them
quite well, and it doesn't mention any relationship between them.  If
there is indeed a relationship, the manual probably needs to change to
reflect it.

Regards,

	--dkg
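
A simplified model of the distinction drawn in the message above, added here as an example; it is not part of the original message and is not GnuPG's code. The function names, the sample keys and the fallback used when no personal preference applies are assumptions of the model.

```python
# Simplified model of the two settings in the message above; not GnuPG's code.
CIPHERS = {"3DES", "CAST5", "BLOWFISH", "AES", "AES192", "AES256", "TWOFISH"}
IMPLICIT = "3DES"  # RFC 4880 treats 3DES as implicitly last in every cipher list


def selfsig_ciphers(default_preference_list):
    """Cipher part of the preferences a newly created key would advertise."""
    prefs = [a for a in default_preference_list.upper().split() if a in CIPHERS]
    return prefs if IMPLICIT in prefs else prefs + [IMPLICIT]


def choose_cipher(personal_cipher_preferences, recipients):
    """Sender side: the highest personally ranked cipher every recipient lists."""
    if not recipients:
        raise ValueError("need at least one recipient preference list")
    lists = [r if IMPLICIT in r else r + [IMPLICIT] for r in recipients]
    common = [a for a in lists[0] if all(a in other for other in lists[1:])]
    for algo in personal_cipher_preferences:
        if algo in common:
            return algo
    # Assumption of this model: with no usable personal ranking,
    # follow the first recipient's own order.
    return common[0]


# Constructed sample data.
ALICE = selfsig_ciphers("TWOFISH 3DES SHA256 SHA224 RIPEMD160")  # line quoted above
BOB = ["AES256", "AES", "CAST5"]            # constructed; 3DES is implicit
MY_PERSONAL = ["AES256", "TWOFISH", "AES"]  # constructed sender ranking

if __name__ == "__main__":
    print("Alice's new key advertises:", ALICE)
    print("to Alice:        ", choose_cipher(MY_PERSONAL, [ALICE]))
    print("to Bob:          ", choose_cipher(MY_PERSONAL, [BOB]))
    print("to Alice and Bob:", choose_cipher(MY_PERSONAL, [ALICE, BOB]))
    print("no personal list:", choose_cipher([], [BOB]))
```

The sender's ranking never selects a cipher the recipient's key does not list, which is why a message to both sample keys falls back to 3DES.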
