I figured out how to change the algorithms,
calmstorm at posteo.de
Mon Mar 20 10:56:27 CET 2017
Okay, I was doing this to ecnrypt my files, not emails for the most part...
I did however wonder, what you actually said, because I had pgp
encryption on and for some reason I couldn't read it through enigmail.
On 03/20/2017 01:29 AM, Robert J. Hansen wrote:
> No, you didn't figure out how to change the algorithms.
> Key preferences are the capabilities you advertise to the world. What
> you've done is told the world, "I only understand AES256, 3DES, SHA512,
> and SHA1." Which is great if the entire world understands AES256 and
> SHA512 -- but the moment you have a correspondent who doesn't (or who
> refuses to use it) you'll silently degrade to 3DES or SHA1.
> Imagine you're corresponding with someone who doesn't trust AES256,
> thinking it's tainted by association with NIST. (This is crazy talk,
> but unfortunately common.) They've configured GnuPG to never use
> AES256, but to prefer TWOFISH and CAMELLIA256 instead. Despite the fact
> your GnuPG is plenty capable of CAMELLIA256 and TWOFISH, since you're
> not advertising that capability your correspondent's GnuPG will silently
> drop to 3DES.
> Notably, GnuPG never looks at your own key preferences. That's what you
> advertise to the world as your capabilities. GnuPG looks to
> personal-cipher-preferences, et al, to determine which algos to use when
> creating traffic, which is why you were advised to set
> personal-cipher-preferences, etc., in your gpg.conf.
> If you want to generate 256-bit traffic, put AES256, TWOFISH, and
> CAMELLIA256 in your personal-cipher-preferences. Which is exactly what
> you were advised to do earlier.
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
More information about the Gnupg-users