GnuPG Defaults

David Shaw dshaw at
Wed Sep 17 07:00:39 CEST 2008

On Sep 17, 2008, at 12:38 AM, Kevin Hilton wrote:

> I'm sure its probably contained in one of the RFC's, however when was
> DSA signing keys and ElGamal Encryption keys, along with the AES-256
> cipher and SHA1 digest chosen as the defaults for key generation?  Any
> particular reasons these were chosen as the defaults?  (This is not an
> attempt to lure people into a discussion of which is better than
> that).  I'm just curious why these were chosen as defaults.

There were many reasons behind it, but a significant one was that DSA  
signing keys and Elgamal encryption keys were not patented.  It is  
difficult to establish a new protocol if a major chunk of it is  
patented.  SHA1 was the state of the art hash then, and an obvious  
AES256 is not the default cipher.  3DES is.


More information about the Gnupg-users mailing list