On Mon, Feb 04, 2008 at 12:57:34PM -0600, Robert J. Hansen wrote: > Kevin Hilton wrote: > > The problem I have, is that no where in the documentation are the > > defaults specified. > > >From the first full paragraph of the manpage: "[GnuPG] is a tool to > provide digital encryption and signing services using the OpenPGP > standard. [GnuPG] features complete key management and all bells and > whistles you can expect from a decent OpenPGP implementation." > > To me, that language is pretty clear about where you should look--the > OpenPGP standard, aka RFC4880, or its immediate predecessor RFC2440. > > That said, just because I think it's clear doesn't necessarily means it > /is/ clear. If it turns out that language is confusing or unclear, it > should definitely be changed to point people in the right direction.
The RFC doesn't specify default algorithms, aside from requiring 3DES as the algorithm of last resort. All decisions about algorithm ranking are made by the implementations and indirectly, the user. It's hard to list default algorithms in the man page mainly because there isn't a single answer. Different people will get a different default algorithm depending on who they are sending a message to, and possibly even by the order in which they specify the recipients on the command line (see below). All of this would need many paragraphs of explanation, and that's not really appropriate for a man page. I do agree it would be good for it to be documented somewhere, though. > > I'm still confused what default cipher is chosen automatically (for > > me its AES). > > http://en.wikipedia.org/wiki/Stable_marriage_problem GPG doesn't use the Stable Marriage Problem when picking algorithms, as this gives too much "power" to the recipients in choosing which algorithm is used. Rather, the intersection of preferences for all recipients is generated, leaving an unordered list of algorithms that are possible contenders for use. At this point, note that it would be possible to pick an algorithm from the list randomly, as there is no algorithm on the list that isn't usable for all recipients. GPG uses the personal-(whatever)-preferences as the final decider. It works its way down the personal preferences list in ranked order, consulting the personal preferences against the generated intersection list of recipient algorithms. This gives the user the power to decide what algorithms he or she generates, which is putting the power in the right place. If there are no personal-foo-preferences in use, then GPG uses the first key specified as the decider. This key is frequently the user's key, so is a reasonable choice to pick the favored algorithm. David _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
