Setpref is not working or is it a bug or something?

Robert J. Hansen rjh at sixdemonbag.org
Sat Nov 29 04:27:49 CET 2014


> You can delete these values from your current gpg.conf.
> 
> s2k-digest-algo SHA256
> s2k-cipher-algo AES256
> cert-digest-algo SHA256
> digest-algo SHA256
> 
> Reason 1: Those values are used when options like 
> 'personal-cipher-preferences', 'personal-digest-preferences' and 
> 'personal-compress-preferences' are not given! But here, you already 
> gave those three options.

This isn't quite true.  personal-*-preferences won't affect s2k
preferences or cert-digest-algo.  However, you're absolutely correct to
advise against using cipher-algo or digest-algo.

(I *think* I'm right on this, but I can't promise I am, nor have I done
a quick empirical test to check.  Take the preceding with a grain of salt.)

> Reason 2: Those values are known to break the OpenPGP standard.

Some of them are serious problems (digest-algo and cipher-algo).  The
others are mostly safe.  s2k is only used by the user on their own
machine, so there isn't much concern about interoperability with other
OpenPGP clients.

> That's the same as OpenPGP does. OpenPGP standard is just a reference 
> model. Anyone can modify it and include unique features. But it's
> not necessary for those 'unique features' to be included in every 
> OpenPGP implemented products. But when it comes to communicating
> with each other, there comes the problem if there's no common standard
> rule.

Those who are concerned about OpenPGP conformance should add "openpgp"
to the end of their gpg.conf file.  :)

> But at the same time, these settings might be incompatible with
> older software.

Nope!  The preference list you gave will not cause troubles with any
OpenPGP application, not even old PGP 5.x.  If there's no preference
list on your recipient's public key (which does happen, from time to
time), OpenPGP will gracefully degrade to use SHA-1 and 3DES.  SHA-1 is
getting pretty long in the tooth, but 3DES is still solid as a rock.

My usual joke about 3DES -- which, like most of my jokes, is a way of
telling truth with a laugh -- is that 3DES has all the beauty of a
Soviet workers' housing bloc, all the aesthetics of the Socialist
Realism school of art, and yet has been turning brilliant young
cryptanalysts into burned-out alcoholic wrecks for the last 35 years.  :)
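
Added example, not part of the original message and not GnuPG's code: a simplified Python model of the RFC 4880 rule behind the fallback described above (3DES is tacitly on every key's cipher preference list), set beside a forced cipher-algo that bypasses the recipients' lists. The function names and the sample preference lists are constructed for this illustration.

```python
# Simplified model of OpenPGP symmetric-cipher selection (RFC 4880, sec. 13.2).
# Hypothetical names; real implementations also weigh the recipients' ordering.

MUST_IMPLEMENT = "3DES"  # tacitly at the end of every cipher preference list


def effective_prefs(key_prefs):
    """Return a key's cipher list with the implicit 3DES entry made explicit."""
    prefs = list(key_prefs)
    if MUST_IMPLEMENT not in prefs:
        prefs.append(MUST_IMPLEMENT)
    return prefs


def choose_cipher(personal_prefs, recipients, forced=None):
    """Pick one cipher for a message encrypted to every recipient.

    personal_prefs: the sender's personal-cipher-preferences, best first.
    recipients: dict mapping a key name to the cipher list on that public key.
    forced: models cipher-algo, which ignores the recipients' lists.
    Returns (cipher, sorted names of recipients whose list lacks that cipher).
    """
    if not recipients:
        raise ValueError("at least one recipient is required")
    lists = {name: effective_prefs(p) for name, p in recipients.items()}
    if forced is not None:
        chosen = forced
    else:
        common = set.intersection(*(set(p) for p in lists.values()))
        # The sender's ordering decides among ciphers every recipient accepts;
        # 3DES is always in the intersection, so a choice always exists.
        chosen = next((c for c in personal_prefs if c in common), MUST_IMPLEMENT)
    violated = sorted(n for n, p in lists.items() if chosen not in p)
    return chosen, violated


# Constructed sample data (not taken from the thread).
PERSONAL = ["AES256", "AES192", "AES", "CAST5"]
MODERN = ["AES256", "AES", "3DES"]
OLD = ["CAST5", "3DES"]
NO_PREFS = []  # a public key that carries no preference list at all

if __name__ == "__main__":
    print(choose_cipher(PERSONAL, {"modern": MODERN}))
    print(choose_cipher(PERSONAL, {"modern": MODERN, "bare": NO_PREFS}))
    print(choose_cipher(PERSONAL, {"modern": MODERN, "bare": NO_PREFS},
                        forced="AES256"))
```

With preferences alone the result always sits on every recipient's list; only the forced setting yields a cipher that a recipient never advertised.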


