Setpref is not working or is it a bug or something?
Robin Mathew Rajan
mail at robinmathewrajan.com
Sun Nov 30 03:10:21 CET 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hi bro, :)
Thanks for correcting me.
Robin Mathew Rajan
On 29-11-2014 AM 08:57, Robert J. Hansen wrote:
>> You can delete these values from your current gpg.conf.
>> s2k-digest-algo SHA256 s2k-cipher-algo AES256 cert-digest-algo SHA256
>> digest-algo SHA256
>> Reason 1: Those values are used when options like
>> 'personal-cipher-preferences', 'personal-digest-preferences' and
>> 'personal-compress-preferences' are not given! But here, you already
>> gave those three options already.
> This isn't quite true. personal-*-preferences won't affect s2k
> preferences or cert-digest-algo. However, you're absolutely correct to
> advise against using cipher-algo or digest-algo.
> (I *think* I'm right on this, but I can't promise I am, nor have I done
> a quick empirical test to check. Take the preceding with a grain of salt.)
>> Reason 2: Those values are known to break the OpenPGP standard.
> Some of them are serious problems (digest-algo and cipher-algo). The
> others are mostly safe. s2k is only used by the user on their own
> machine, so there isn't much concern about interoperability with other
> OpenPGP clients.
>> That's the same OpenPGP does. OpenPGP standard is just a reference
>> model. Anyone can modify it and include unique features. But it's
>> not necessary to be those 'unique features' to be included in every
>> OpenPGP implemented products. But when it comes to communicating
>> each other, there comes the problem if there's no common standard
> Those who are concerned about OpenPGP conformance should add "openpgp"
> to the end of their gpg.conf file. :)
>> But at the same time, these settings might be incompatible with
>> older softwares.
> Nope! The preference list you gave will not cause troubles with any
> OpenPGP application, not even old PGP 5.x. If there's no preference
> list on your recipient's public key (which does happen, from time to
> time), OpenPGP will gracefully degrade to use SHA-1 and 3DES. SHA-1 is
> getting pretty long in the tooth, but 3DES is still solid as a rock.
> My usual joke about 3DES -- which, like most of my jokes, is a way of
> telling truth with a laugh -- is that 3DES has all the beauty of a
> Soviet workers' housing bloc, all the aesthetics of the Socialist
> Realism school of art, and yet has been turning brilliant young
> cryptanalysts into burned-out alcoholic wrecks for the last 35 years. :)
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the Gnupg-users