I forgot about the meaning of some options...

Laurent Jumet laurent.jumet at skynet.be
Fri Sep 18 12:34:59 CEST 2009

Hash: RIPEMD160

Hello Faramir !

Faramir <faramir.cl at gmail.com> wrote:

>       I while ago, I added a couple of lines to my gpg.conf file, and at
> that time I thought I knew what was I doing... but right now, I can't
> remember exactly what effect do they have in gpg... maybe it is due to
> lack of caffeine, but anyway, I'd like to know the effects of the
> following lines:
> default-preference-list AES TWOFISH AES192 AES256 BLOWFISH CAST5 3DES
> SHA256 SHA512 SHA224 SHA384 SHA1 RIPEMD160 Z1 Z2 Z3 Z0
> and
> personal-cipher-preferences TWOFISH AES AES192 AES256 BLOWFISH CAST5 3DES
> I also have personal-digest-preferences and
> personal-compress-preferences lines, but understanding the
> personal-cipher-preferences line I would also understand the other 2
> lines...

    Let's take an example with my own:
    1st, you don't need to write the whole words but only their tags:

default-preference-list S7 S11 S12 S13 S1 S10 S3 S4 S2 S9 S8 H3 H8 H9 H10 H11
H2 H1 Z1 Z2 Z3 Z0
personal-cipher-preferences S7 S11 S12 S13 S1 S10 S3 S4 S2 S9 S8
personal-digest-preferences H3 H8 H9 H10 H11 H2 H1
personal-compress-preferences Z1 Z2 Z3 Z0

    The algorithm list is:
? Cipher-Algos:    ? Digest-Algos:    ? Compress-Algos:  ?
?                  ?                  ? Z0  Uncompressed ?
? S1  IDEA         ? H1  MD5          ? Z1  ZIP          ?
? S2  3DES         ? H2  SHA1         ? Z2  ZLIB         ?
? S3  CAST5        ? H3  RIPEMD160    ? Z3  BZIP2        ?
? S4  BLOWFISH     ?                  ?                  ?
?                  ?                  ?                  ?
?                  ?                  ?                  ?
? S7  AES          ?                  ?                  ?
? S8  AES192       ? H8  SHA256       ?                  ?
? S9  AES256       ? H9  SHA384       ?                  ?
? S10 TWOFISH      ? H10 SHA512       ?                  ?
? S11 CAMELLIA128  ? H11 SHA224       ?                  ?
? S12 CAMELLIA192  ?                  ?                  ?
? S13 CAMELLIA256  ?                  ?                  ?

    2nd, those preferences depend wether they are in gpg.conf or not; your key
is not branded. If you'd like (and it's of course the best) to brand your
public key in order to send it to KeyServer and allow everyone to know what
kind of Hash, Crypt and Compress algorythms you prefer, you must use the
"--edit-key/Setpref" menu.
    Let's suppose I want to brand my key 0xCFAF704C :
gpg --edit-key 0xCFAF704C
setpref S7 S11 S12 S13 S1 S10 S3 S4 S2 S9 S8 H3 H8 H9 H10 H11 H2 H1 Z1 Z2 Z3 Z0

    With those four settings in gpg.conf, GPG will take your first choice that
matches the first allowed choice in the public key you are encrypting to. And
your public key will indicate your choices providing you branded it before
sending to KeyServers.

    And while you brand your key for algorythms, you may want to brand it for
your preferred keyserver too:
keyserver http://www.pointdechat.net/0xCFAF704C.asc

- -- 
Laurent Jumet
      KeyID: 0xCFAF704C
Version: GnuPG v1.4.10 (MingW32)


More information about the Gnupg-users mailing list