Robert J. Hansen
rjh at sixdemonbag.org
Wed Sep 24 05:22:35 CEST 2008
> didn't include Blowfish because I was told it is not supported by PGP
PGP can read Blowfish traffic. It won't generate Blowfish traffic, but
that's a separate issue.
> [Schneier] says people should move to Twofish.
No, Schneier has recommended people abandon Twofish and move to AES.
A lot of people are still quite fond of Blowfish. It's a beautifully
simple algorithm, quite elegant, and well-studied. I have a personal
liking for it just for its simplicity.
The all time best advice re: preferences is "unless you know what you're
doing and why, stick with the defaults." The defaults work just fine
for the overwhelming majority of users. Maybe one user in a thousand
will ever need to tweak them.
> What is better, to use S1 S2 S2 codes, or the names? I figure using the
> codes would save a bit of space, and since I don't have to keep those
> codes in my memory, it is not a problem for me to enter them that way.
Names. Definitely names. Much less chance of screwing them up and
accidentally doing something like preferring SHA1 over SHA256.
More information about the Gnupg-users