dshaw at jabberwocky.com
Mon Sep 22 04:54:04 CEST 2008
On Sep 21, 2008, at 7:34 PM, reynt0 wrote:
> On Thu, 18 Sep 2008, David Shaw wrote:
> . . .
>> 1) Take the intersection of all recipients preference lists. This
>> rules out any algorithms that would be unusable by someone.
>> 2) Elect a "decider". The decider is the one person whose ordered
>> list we will honor the rankings for. If the user has specified a
>> personal-*-prefs list, then the user is the decider. If the user
>> has not specified a list, then the last recipient key is used.
>> 3) Walk the decider preference list from highest ranked to lowest
>> ranked - as soon as we hit an algorithm that is part of the
>> intersection from step #1, stop.
> . . .
> I'm a little confused, maybe because I'm not sure who all
> "user" might refer to, or maybe :^) because my mind wants
> to understand the system according to what my mind wants to
> think would make sense to it. I have thought the process was:
> ("S" is sender; "R1", "R2", are receiver(s); "M" is message)
> S has basic ordered acceptance list as Ps; as does each R as
> Pr1, Pr2, and so on. S maybe has personal-*-prefs list as
> Pps; each R maybe does, Ppr1, Ppr2, etc. The cipher used
> for M is chosen by: 1st find simple intersection of the
> ciphers listed in all the various P, this gives an unordered
> set. 2nd, from the ciphers in that intersection set, choose
> whichever ranks highest in Pps, if there is a Pps; otherwise
> choose whichever shows up first in Ps; and in any case
> ignoring all the Ppr1, Ppr2, etc and any ordering in the
> Pr1, Pr2, etc.
> Is this wrong?
Partially. You need to remember that the "sender" preferences are not
relevant here. OpenPGP has no concept of a sender. All it knows are
keys, and there is no particular requirement for a secret key to be
involved when sending a message. For example, who is the sender here?
gpg -r receiver1 -r receiver2 --encrypt my-file.txt
Using your nomenclature, here's the algorithm:
1) Take the intersection of the various PrXes. This gives an
2) If there is a Pps, choose the highest ranked entry in Pps that also
exists in the intersection
3) If there is no Pps, choose the highest ranked entry in Pr1 that
also exists in the intersection
Note that Ps, and any PprXes are irrelevant and in fact are unknown or
unknowable at the time of encryption.
More information about the Gnupg-users