Can you clarify when data compression is used?

Robert J. Hansen rjh at
Mon Feb 4 19:57:34 CET 2008

Kevin Hilton wrote:
> The problem I have, is that no where in the documentation are the
> defaults specified.

>From the first full paragraph of the manpage:  "[GnuPG] is a tool to
provide digital encryption and signing services using the OpenPGP
standard.  [GnuPG] features complete key management and all bells and
whistles you can expect from a decent OpenPGP implementation."

To me, that language is pretty clear about where you should look--the
OpenPGP standard, aka RFC4880, or its immediate predecessor RFC2440.

That said, just because I think it's clear doesn't necessarily means it
/is/ clear.  If it turns out that language is confusing or unclear, it
should definitely be changed to point people in the right direction.

I wonder who the GnuPG documentation czar is.  Hmm.  I don't know if
that's ever been mentioned on the list--David, Werner, who's responsible
for the docs?

> I'm still confused what default cipher is chosen automatically (for
> me its AES).

Everyone has a ranked list of preferences.  The preferences of all
recipients are considered and the stable marriage problem solved.  The
outcome of that computation is what algorithm GnuPG will use.

3DES is implicitly in everyone's preference list, so it can be fairly
said that 3DES is the default cipher preference.  Even if everything
else goes to hell, 3DES will be available and will be selected.

More information about the Gnupg-users mailing list