Defaults
Robert J. Hansen
rjh at sixdemonbag.org
Wed Mar 18 01:34:42 CET 2015
> Some of the defaults you propose are already there.
Yes. My list was comprehensive ("what the new set should be"), not
differential ("what needs changing"). :)
> So, AES256 is already the default symmetric cipher (CAST5 and IDEA
> are not even in the list and must both be explicitly requested by the
> user), and SHA256 is already the default hash algorithm.
Your key pref isn't what matters: it's your default-cipher-prefs. :)
CAST5 may not be the default choice anymore, but it can still be
selected (I believe) if the recipient's key prefs list it. I think this
shouldn't be supported; CAST5 should only be used if (a) it's in the
recipient's key prefs and (b) it's explicitly listed in
default-cipher-prefs.
> Do you mean signatures in general, or key signatures
> (certifications)?
The former, although I think setting cert-digest-algo SHA256 by default
may be worth discussing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20150317/50f6e0a5/attachment-0001.sig>
More information about the Gnupg-users
mailing list