blacklisting MD5 in gpg

Werner Koch wk at
Thu May 7 18:36:58 CEST 2009

On Thu,  7 May 2009 17:12, dshaw at said:

>> Should gpg --version somehow indicate algorithms which it knows about
>> but which are blacklisted in the current configuration?
> That's a good idea.  Maybe putting it in brackets or something like
> "[MD5]" to indicate that it exists, but isn't being used.

Unfortunately this is hard to implement because --version is processed
by the option parser internally and I doubt that it makes sense to
change this to display more information.  --version displays the build
in algorithms; thus even the option --disable-cipher-algo has no effect.

The prober way to get the current configuration is to read gpg.conf or
to use gpgconf along with a GUI tool.  There are just to many setting in
gpg to show them all.  We would need to add extra code to show them and
we will for sure encounter bugs in that the option setting is not
displayed properly.



Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-devel mailing list