Personal prefs

David Shaw
Wed Nov 20 14:26:02 2002

On Wed, Nov 20, 2002 at 12:25:52PM +0100, Gregor Zattler wrote:
> Hi David et al.,
> * David Shaw <> [19. Nov. 2002]:
> > An easy way to think about the personal prefs is as an additional
> > recipient that doesn't actually get the message, but does have
> > preferences that must be taken into account.
> ? In which circumstances could this happen?
> My understanding is:
> Somebody sends me her pub key.  She tells me (my gpg) via --edit
> user-id setprefs which algos, hashes and compression she trusts
> *and* her equipment is able to process.  With personal prefs i
> (my gpg) select(s) a algo, hash and compression *i* trust (and my
> equipment is able to process) from the set she send me with her
> pub key.  Is this correct?

Pretty much.  Each recipient has a list of algorithms on their key,
you have a list of algorithms in your config file.  GnuPG takes the
intersection of all of these lists and uses it to pick the algorithms
for that message.  If the cipher intersection is empty (i.e. if you
allow only CAST5 and AES, and your recipient allows only TWOFISH and
BLOWFISH), then 3DES is used.  If the hash intersection is empty, SHA1
is used.  If the compression intersection is empty, the message is not


   David Shaw  |  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson