Pref
Kiefer, Sascha
sk at intertivity.com
Thu Jun 2 01:17:09 CEST 2005
> Yes, but this is a bad mistake to make. If an algorithm does
> not appear in someones preferences, then it shouldn't be
> used. For example, IDEA is an optional algorithm in OpenPGP.
> If your administrator decides that everyone should use IDEA,
> that will mean that some users will not be able to read the message.
Of course.
What i did is the following.
The administrator as the option to rearange the supported algorithms
of gnupg. By the default the order may be like
3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH
But the policy forces him to have the following order
TWOFISH, AES256, AES192, AES, -3DES, -CAST5, BLOWFISH (the minus means,
that this algorithm should not be used at all).
Now, A sends an email to B and the capavilities of B's public key are
AES, IDEA, BLOWFISH, AES192, BLOWFISH
Now my program will encrypt the mail using AES192 (because it is the highest
algorithm forced by the policy which is accepted by B
In the cas the public key supports only
IDEA, 3DES
my program will raise an error because the those algorithms are not
permitted by the policy
Regards,
Sascha
More information about the Gnupg-users
mailing list