Patch add support for different algorithms in the agent private key storage

Werner Koch wk at gnupg.org
Wed Feb 20 15:46:36 CET 2013


On Wed, 20 Feb 2013 04:30, kylebutt at gmail.com said:
> There's probably more to done for this to be complete, but I'd like to
> get thoughts before I go too much further. I've tested with a new key
> and it works. Info about writing an automated test would be useful.

I am not keen to add the complexity by adding new vanity ciphers.  If we
would start with this we would rightfully receive requests to add yet
another cipher for use in country X.  There is a reason why gpg-agent
only uses one cipher.  Right, it could be argued that AES-256 is a
stronger variant of AES but AES 128 is still sufficient for our
purposes.  There are many possible attacks on the passphrase and AES-128
is for sure not the weakest point.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-devel mailing list