3 gpg questions

[Werner Koch]

Kirk Fort <kfort at kfort.dyn.ml.org> writes:

> Hi, just had a few questions about gpg. First off, is it just me or is the
> key trust stuff broken or not implemented?  Always get keytrust warnings

It is implemented but may have some bugs - Another problem ist that we
don't have documentation yet and for some folks it is not easy to
figure out, how the web of trust works.

> for all keys other then my own, and under the --edit-key thing the
> 'calculated trust' is always 'not enough information to calculate' or

If may use --debug 256 to see what is going on.

> something like that.  Second,  is the right way to encrypt a mail message
> to someone using pgp 5.0, '--cipher-algo cast5'?  I think this is a

This is not needed because the preferences of the key to whom you send
the message lits available algorithms and so cast5 used.

> problem with gpg not supporting 3des (yet) and pgp not supporting blowfish

pgp 5 does support Blowfish.

> (does pgp 6.0 support blowfish?).  And lastly, I installed gpg as root,
> and the gpg binary is listed as root owner, but when I start it under my
> user account I get the using insecure memory warning.  When I start gpg as

You must install gpg as setuid root - see a unix manual how to do this
and what is means.


Werner