updprefs command and changing key

David Shaw dshaw at jabberwocky.com
Sun Mar 14 16:43:28 CET 2010

On Mar 14, 2010, at 10:17 AM, MFPA wrote:

>> On Mar 14, 2010, at 8:26 AM, MFPA wrote:
>>> Would "--disable-cipher-algo AES" add anything to
>>> that? Or cause potential problems?
>> Potential problems.  If you have AES in your key
>> preferences, but you disable it, you are telling people
>> to use AES - but then not decrypting it.
>> Basically, you can guarantee you won't encrypt to
>> anyone using AES if you disable it, but this also means
>> you won't be able to decrypt anything that comes to you
>> in AES.
> And if my key preferences and personal-cipher-preferences both omitted
> AES, I'm not using AES anyway, so disabling it would make no
> difference. Unless a sender is forcing that algo.

Correct.  And if a sender forced that algo, they would be doing so in violation of OpenPGP.  GnuPG will decrypt the message anyway, but it will print a warning that the sender violated your preferences (this warning is actually required by the OpenPGP spec).

> Is there anything the disable-cipher-algo option is actually useful
> for?

Not in general use.  It's handy for testing and debugging.


More information about the Gnupg-users mailing list