Hi! You are mixing up two things:
1. The key derivation function, commonly abbreviated as KDF but in OpenPGP as S2K (String to Key). 2. The encrytion algorithm. The first is use to derive a key from a passphrase and the second to do the actual encryption. The goal of the key derivation is to make disctionary attacks harder by introducing a salt. This is for what all the --s2k-* options are used. The defaults are just fine but we provide a method to tune them anyway. The whole story is a bit more complicated because pre-OpenPGP modes have to be taken into account. Using --cipher-algo to select the actual cipher algorithm is justified becuase that option may also be used to override the symmetric cipher algorithm used with public key encryption. It's use for symmetrict encryption is required becuase we have no way to deduce the algorithm from any otehr information (like we do from the public key in public key encryption). Even if you disagree with me on the above, we can't change anything because it would break all applications using symmetric only encryption. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

