Faramir at
Thu Sep 18 07:17:55 CEST 2008

David Shaw wrote:

> You say you modified your preferences in gpg.conf - how?  There are a

personal-cipher-preferences AES256 TWOFISH AES192 AES BLOWFISH CAST5 3DES
personal-digest-preferences SHA256 SHA1 SHA512 SHA384 SHA224 RIPEMD160 MD5
personal-compress-preferences ZIP ZLIB BZIP2 Z0

And from the key:

Orden> showpref
[  absoluta ] (1). Faramir < at>
     Cifrado: AES256, AES192, AES, CAST5, 3DES
     Resumen: SHA1, SHA256, RIPEMD160
     Compresión: ZLIB, BZIP2, ZIP, Sin comprimir
     Características: MDC, Sevidor de claves no-modificar

> few things regarding preferences in gpg.conf, but few of them impact
> showpref.

  I supposed if I generate a key, gpg would follow those preferences...
so my concern was the keys generated previous to setting the
preferences. But it seems I was wrong, because a key I generated
yesterday shows the same preferences as my oldest key...

> Showpref shows what the preferences are on the key itself.  These are
> the preferences that other users who are encrypting to you will use for
> you.  Obviously, your gpg.conf cannot be consulted by the other users :)

  Right, but if I edit a key, or generate a new one, gpg could take the
preferences from gpg.conf (if any), and set the key preferences
according to that list... if it doesn't do it, probably there is a good
reason for that... it is my newbie point of view about the subject.

> If you want to alter the list of preferences on your key, do this:
>  gpg --edit-key (thekey)
>  setpref aes256 sha512 bzip2 blah blah blah
>  save

  Ok, I will do that, thanks.

> mix cipher, hash, and compression algorithms.  You can also use "mdc",
> "no-mdc", "ks-modify", and "no-ks-modify" to enable and disable the MDC
> and keyserver modify flags.  MDC defaults to on, ks-modify defaults to
> off (i.e. don't allow modification).

  I will have to take a look at the manual again, I am not sure what
MDC means...

> Note that you can specify a different set of preferences for each user
> ID.  This is a handy feature, as it lets you express things like "I want
> to use AES256 for home stuff, but my work address requires 3DES by policy".

  Yes, that looks very useful. However, I would rather use different
keys, with different email addresses for different purposes... I mean, I
don't see the advantage of having a "Faramir" UID, and another UID with
my real name, if somebody will see all my UIDs after downloading my
key... but that is material for another subject, I think :-P

  Best Regards
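
Added example, not part of the original message and not GnuPG's own code: a simplified Python model of the point made in the thread, that the `Cifrado:` list printed by `showpref` is what senders consult, while `personal-cipher-preferences` in a sender's gpg.conf only orders the choice among ciphers that every recipient key accepts. The function names, the second recipient line and the sender gpg.conf line are constructed for illustration, and the fallback ranking is a simplification.

```python
# Simplified model (an assumption, not GnuPG source) of how the sender's gpg
# chooses the symmetric cipher when encrypting to one or more keys.

IMPLICIT = "3DES"  # OpenPGP treats 3DES as accepted by every key

# Cipher line taken from the showpref output in the message above.
FARAMIR_KEY_LINE = "     Cifrado: AES256, AES192, AES, CAST5, 3DES"
# Constructed samples: a second recipient's key and a sender's gpg.conf.
OTHER_KEY_LINE = "     Cipher: CAST5, 3DES"
SENDER_CONF = "# constructed sender config\npersonal-cipher-preferences TWOFISH AES AES256\n"


def key_prefs(showpref_line):
    """Parse one 'Label: A, B, C' preference line as printed by showpref."""
    algos = [a.strip().upper() for a in showpref_line.split(":", 1)[1].split(",")]
    if IMPLICIT not in algos:
        algos.append(IMPLICIT)  # implicit last choice
    return algos


def conf_prefs(conf_text, option="personal-cipher-preferences"):
    """Return the algorithm list for one option in gpg.conf text, or []."""
    for line in conf_text.splitlines():
        words = line.split("#", 1)[0].split()
        if words and words[0] == option:
            return [w.upper() for w in words[1:]]
    return []


def choose_cipher(sender_conf, recipient_pref_lists):
    """Pick a cipher all recipient keys accept, in the sender's own order."""
    common = set(recipient_pref_lists[0]).intersection(*recipient_pref_lists[1:])
    for algo in conf_prefs(sender_conf):
        if algo in common:
            return algo
    # No personal preference is usable: take the best combined rank across
    # the recipient keys (simplified stand-in for GnuPG's real scoring).
    return min(sorted(common),
               key=lambda a: sum(p.index(a) for p in recipient_pref_lists))


if __name__ == "__main__":
    faramir = key_prefs(FARAMIR_KEY_LINE)
    print(choose_cipher(SENDER_CONF, [faramir]))
    print(choose_cipher(SENDER_CONF, [faramir, key_prefs(OTHER_KEY_LINE)]))
```
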
