Change key prefs; few questions
Chris Poole
lists at chrispoole.com
Sun Jul 3 10:37:55 CEST 2011
Thanks.
There's no way to change the cipher used for encrypting the private key itself (CAST5 I believe)?
(Not that I would, as I'm sure the default is more than good enough for my needs.)
Also, if I understand correctly, someone trying to brute-force the key would need to guess my passphrase, then pass it through the key stretching algorithm that gpg uses, before trying to decrypt the key. How often does the "work function" defining how long the key stretching process take, get updated? (I can't find an option to make it user configurable.)
Thanks
Chris
On 3 Jul 2011, at 01:38, David Shaw <dshaw at jabberwocky.com> wrote:
> On Jul 2, 2011, at 3:37 PM, Chris Poole wrote:
>
>> Hi,
>> I changed the order of preferred ciphers and hash functions using setpref. My public key has changed, but not the fingerprint.
>
> That is correct. Changing the various preferences does not change the fingerprint. The fingerprint remains constant no matter what you do to the key (changed/new preferences, new subkeys, new user IDs, etc).
>
>> Is the done thing now to ask anyone with the key to pull the latest version? (I've already updated the keyserver version.)
>
> You can ask them to update, if you like. It's up to you if the change you made to the preferred list is important enough. Some people refresh their keys periodically anyway.
>
> David
>
More information about the Gnupg-users
mailing list