GnuPG Defaults

Kevin Hilton kevhilton at
Wed Sep 17 07:41:16 CEST 2008

>> Would not this output seem to imply the key was generated with
>> preference for the AES family over 3DES?
> No.
> The preferences on a key are actually not very preferential.  It's a
> capability list far more than it is a preference list.  The fact AES
> comes before CAST5 matters very little.
> personal-cipher-preferences is what you're thinking of.  This gets set
> in the gpg.conf file, not on your key.

Thanks, I was definitely misguided.  However just a quick followup.

My gpg version contains far more capabilities (ie TWOFISH, BLOWFISH),
than what was listed in the key.  Why were these not included in the
"capability list"?

If I do not specify a personal-cipher-preference or cipher-algo within
the gpg.conf file, 3DES will always be chosen as the cipher algorithm?

Kevin Hilton

More information about the Gnupg-users mailing list