Gnupg-users Digest, Vol 120, Issue 29

Mike Acker mike_acker at charter.net
Mon Sep 16 01:07:43 CEST 2013


On 09/15/2013 05:05 PM, gnupg-users-request at gnupg.org wrote:
>
> On 09/15/2013 03:40 PM, Mike Acker wrote:
>> > it is important to understand that the specification i have in MY key is
>> > addressed to any party which may be sending to me.
> That's not how cipher-preference works.  You are conflating the
> preferences listed *on the certificate* with the preferences listed in
> the gpg.conf file.
>
>
OK
I'm trying to understand what the manual means:

    setpref string
        Set the list of user ID preferences to string for all (or just
    the selected) user IDs. Calling setpref with no arguments sets the
    preference list to the default (either built-in or set via
    --default-preference-list), and calling setpref with "none" as the
    argument sets an empty preference list. Use gpg2 --version to get a
    list of available algorithms. Note that while you can change the
    preferences on an attribute user ID (aka "photo ID"), GnuPG does not
    select keys via attribute user IDs so these preferences will not be
    used by GnuPG.

        When setting preferences, you should list the algorithms in the
    order which you'd like to see them used by someone else when
    encrypting a message to your key. If you don't include 3DES, it will
    be automatically added at the end. Note that there are many factors
    that go into choosing an algorithm (for example, your key may not be
    the only recipient), and so the remote OpenPGP application being
    used to send to you may or may not follow your exact chosen order
    for a given message. It will, however, only choose an algorithm that
    is present on the preference list of every recipient key. See also
    the INTEROPERABILITY WITH OTHER OPENPGP PROGRAMS section below.

the sending party will not have access to my gpg.conf file so that data
cannot affect his selection of a block cipher when encrypting traffic to
me.  i could change gpg.conf -- but right now i don't see that that
would do anything other than alter the default setting for preference --
possibly the output of --version
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20130915/ec39c65f/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 555 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130915/ec39c65f/attachment.sig>


More information about the Gnupg-users mailing list