--blacklist-digest-algo plans [was: Re: un-trusting MD5 in gpg]
David Shaw
dshaw at jabberwocky.com
Thu May 7 21:28:35 CEST 2009
On May 7, 2009, at 2:10 PM, John W. Moore III wrote:
> David Shaw wrote:
>
>> We effectively have this now. If you take the cipher out of both
>> your
>> on-key preferences and your personal-cipher-preferences, then other
>> people will not use it when encrypting to you, and you will not use
>> it
>> when encrypting to other people. GPG will even print a warning if
>> someone uses it to encrypt to you ("WARNING: cipher algorithm
>> such-and-such not found in recipient preferences").
>
> Err..... This presupposes that _all_ Correspondents re-Import/Refresh
> One's Key with the "re-preferenced" Copy. Good Luck with that.
No, it does not change the situation at all.
In the "preferences" case, you won't generate a message with the
cipher in question. If you get a message with the cipher in question,
you will decrypt it but will display a warning.
In the "blacklist" case, you still won't generate a message with the
cipher in question. And if you get a message with the cipher in
question, you will still decrypt it, and will still display a warning.
The only difference between the two is that in the "preferences" case,
you at least told people not to use the cipher. Sure, they may not
have gotten the update, or may choose to ignore you, but even if they
do, the effect is the same on your side.
David
More information about the Gnupg-devel
mailing list