Preferences...

David Shaw dshaw at jabberwocky.com
Mon Sep 22 15:37:22 CEST 2008


On Sep 22, 2008, at 1:52 AM, Laurent Jumet wrote:

> Hello !
>
>    To set the preferences, this can help:
>
>   ??????????????????????????????????????????????????????????
>   ? Cipher-Algos:    ? Digest-Algos:    ? Compress-Algos:  ?
>   ??????????????????????????????????????????????????????????
>   ?                  ?                  ? Z0  Uncompressed ?
>   ? S1  IDEA         ? H1  MD5          ? Z1  ZIP          ?
>   ? S2  3DES         ? H2  SHA1         ? Z2  ZLIB         ?
>   ? S3  CAST5        ? H3  RIPEMD160    ? Z3  BZIP2        ?
>   ? S4  BLOWFISH     ?                  ?                  ?
>   ?                  ?                  ?                  ?
>   ?                  ?                  ?                  ?
>   ? S7  AES          ?                  ?                  ?
>   ? S8  AES192       ? H8  SHA256       ?                  ?
>   ? S9  AES256       ? H9  SHA384       ?                  ?
>   ? S10 TWOFISH      ? H10 SHA512       ?                  ?
>   ? S11 CAMELLIA128  ? H11 SHA224       ?                  ?
>   ? S12 CAMELLIA192  ?                  ?                  ?
>   ? S13 CAMELLIA256  ?                  ?                  ?
>   ??????????????????????????????????????????????????????????
>
>    Those are my settings in GPG.CONF:
>
> default-preference-list S7 S1 S10 S3 S4 S2 S9 S8 H3 H8 H9 H10 H11 H2  
> H1 Z1 Z3 Z2 Z0
> personal-cipher-preferences S7 S1 S10 S3 S4 S2 S9 S8
> personal-digest-preferences H3 H8 H9 H10 H11 H2 H1
> personal-compress-preferences Z1 Z3 Z2 Z0

You don't need to say "Sxx Hxx Zxx" in preference lists.  You can give  
the whole algorithm name if you like.  The Sxx Hxx Zxx form is just  
for backwards compatibility with a much earlier version of GPG before  
it understood the algorithm names.

Also note that Camellia is not yet part of OpenPGP.  GPG has some  
support for testing as Camellia makes it through the RFC process, but  
it is disabled by default.  If you enable it (and ignore the warning  
message you will get every single time you run GPG), you could use  
them... but there is no guarantee that those messages will be  
decryptable, ever.  You've got a gun pointed at your foot.  Be careful  
you don't pull the trigger.

David



More information about the Gnupg-users mailing list