Changing preferences

David Shaw dshaw at jabberwocky.com
Mon Sep 22 04:54:04 CEST 2008 

On Sep 21, 2008, at 7:34 PM, reynt0 wrote:

> On Thu, 18 Sep 2008, David Shaw wrote:
> . . .
>> 1) Take the intersection of all recipients preference lists.  This  
>> rules out any algorithms that would be unusable by someone.
>> 2) Elect a "decider".  The decider is the one person whose ordered  
>> list we will honor the rankings for.  If the user has specified a  
>> personal-*-prefs list, then the user is the decider.  If the user  
>> has not specified a list, then the last recipient key is used.
>> 3) Walk the decider preference list from highest ranked to lowest  
>> ranked - as soon as we hit an algorithm that is part of the  
>> intersection from step #1, stop.
> . . .
>
> I'm a little confused, maybe because I'm not sure who all
> "user" might refer to, or maybe :^) because my mind wants
> to understand the system according to what my mind wants to
> think would make sense to it.  I have thought the process was:
>
> ("S" is sender; "R1", "R2", are receiver(s); "M" is message)
> S has basic ordered acceptance list as Ps; as does each R as
> Pr1, Pr2, and so on.  S maybe has personal-*-prefs list as
> Pps; each R maybe does, Ppr1, Ppr2, etc.  The cipher used
> for M is chosen by:  1st find simple intersection of the
> ciphers listed in all the various P, this gives an unordered
> set.  2nd, from the ciphers in that intersection set, choose
> whichever ranks highest in Pps, if there is a Pps; otherwise
> choose whichever shows up first in Ps; and in any case
> ignoring all the Ppr1, Ppr2, etc and any ordering in the
> Pr1, Pr2, etc.
>
> Is this wrong?

Partially.  You need to remember that the "sender" preferences are not  
relevant here.  OpenPGP has no concept of a sender.  All it knows are  
keys, and there is no particular requirement for a secret key to be  
involved when sending a message.  For example, who is the sender here?

  gpg -r receiver1 -r receiver2 --encrypt my-file.txt

Using your nomenclature, here's the algorithm:

1) Take the intersection of the various PrXes.  This gives an  
unordered set.
2) If there is a Pps, choose the highest ranked entry in Pps that also  
exists in the intersection
3) If there is no Pps, choose the highest ranked entry in Pr1 that  
also exists in the intersection

Note that Ps, and any PprXes are irrelevant and in fact are unknown or  
unknowable at the time of encryption.

David

More information about the Gnupg-users mailing list