subkey types and preferences...

Douglas F. Calvert douglist at anize.org
Thu Jul 1 05:04:37 CEST 2004 

Hello,
 Is there any consensus about which signing subkey type is better, RSA
or DSA? And or for that matter El Gamal vs. RSA for encryption? What are
the merits/drawbacks of the different key types?

 The next questions are about the preferences for keys:

pub  1024D/C9541FB2  created: 2002-02-27 expires: never      trust: u/u
sub  4096g/0CA2DB2F  created: 2002-02-27 expires: never
(1). Douglas F. Calvert <dfc at anize.org>
(2)  [jpeg image of size 4350]

Command> showpref
pub  1024D/C9541FB2  created: 2002-02-27 expires: never      trust: u/u
(1). Douglas F. Calvert <dfc at anize.org>
     Cipher: AES, TWOFISH, CAST5, BLOWFISH, 3DES
     Digest: RIPEMD160, SHA1
     Compression: ZLIB, ZIP, Uncompressed
(2)  [jpeg image of size 4350]
     Cipher: AES, CAST5, 3DES
     Digest: SHA1, RIPEMD160
     Compression: ZLIB, ZIP, Uncompressed
     Features: MDC

Why does my image uid have different preferences than my first UID? I
imagine that it is because the uid was added with a newer version of
gnupg. Should I update the preferences of ID 1 to match those of UID2?
And while we are on the subject of preferences are there any other
preferences that I should update? I generated a test key with 1.2.4 and
the default preferences are:

(1). default default <defaiult at email.com>
     Cipher: AES256, AES192, AES, CAST5, 3DES
     Digest: SHA1, RIPEMD160
     Compression: ZLIB, ZIP, Uncompressed
     Features: MDC

I generated a new key with 1.3.6 and the preferences are the same except
for the addition of the keyserver no-modify setting. 

I am most concerned about security and the overwhelming majority of my
communications are with people who use gnupg. With that in mind should I
go with the default updpref or is there a set of preferences that would
match my tin-foil hat better?

Finally, I noticed that werner's key 57548DCD, has more than the normal
two digest prefs that I have run across. Out of curiosity is there a
good reason to have a short or long list of preferred ciphers/digests? 

Thanks a lot...

--dfc

--
Douglas F. Calvert 
Email: dfc at anize.org
Spam Inbox: maudet at anize.org

More information about the Gnupg-users mailing list