GnuPG Defaults

Kevin Hilton kevhilton at
Wed Sep 17 07:52:08 CEST 2008

> For whatever it's worth, many people within the OpenPGP community would
> really like to see a lot of algorithms go away.  (E.g., if it were up to
> me, only DSA, ElG, AES, 3DES, SHA1 and SHA256 would be supported.)  Some
> people reduce their advertised capabilities in order to encourage moving
> to a smaller algorithm set.

Based on the lack of vulnerabilities of those limited set of
algorithms (excluding SHA1 -- another topic entirely), it would seem
to be prudent to "refine" the number of acceptable algorithms.  When
the SHA family is eventually supplanted and Camellia cipher officially
recognized, I only see this list expanding, not shrinking!

Kevin Hilton

More information about the Gnupg-users mailing list