GnuPG Defaults

Werner Koch wk at
Wed Sep 17 16:47:02 CEST 2008

On Wed, 17 Sep 2008 16:16, vedaal at said:

> for ?? historical reasons of compatibility ?? with pgp 5+ 
> the default cipher that will be used for encryption, and also for 
> protection of the secret key, is CAST-5, not 3DES

Nope, 3DES is the only MUST cipher algorithm and thus used as the
last-resort if the preference system can't decide upon onather

CAST5 is like IDEA only a SHOULD in OpenPGP as per rfc2440.  The
updated OpenPGP (rfc4880) changed this SHOULD algorithms to AES-128
and CAST5 but kept 3DES as MUST algorithm.



Linux-Kongress 2008 + Hamburg + October 7-10 +

   Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.

More information about the Gnupg-users mailing list