On Mar 14, 2010, at 10:17 AM, MFPA wrote:

>> On Mar 14, 2010, at 8:26 AM, MFPA wrote:
>>> Would "--disable-cipher-algo AES" add anything to
>>> that? Or cause potential problems?
> 
>> Potential problems.  If you have AES in your key
>> preferences, but you disable it, you are telling people
>> to use AES - but then not decrypting it.
> 
>> Basically, you can guarantee you won't encrypt to
>> anyone using AES if you disable it, but this also means
>> you won't be able to decrypt anything that comes to you
>> in AES.
> 
> And if my key preferences and personal-cipher-preferences both omitted
> AES, I'm not using AES anyway, so disabling it would make no
> difference. Unless a sender is forcing that algo.

Correct.  And if a sender forced that algo, they would be doing so in violation 
of OpenPGP.  GnuPG will decrypt the message anyway, but it will print a warning 
that the sender violated your preferences (this warning is actually required by 
the OpenPGP spec).

> Is there anything the disable-cipher-algo option is actually useful
> for?

Not in general use.  It's handy for testing and debugging.

David


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to