On 2/24/11 4:31 PM, Aaron Toponce wrote: > If I run 'setpref S9 S10 S13 ...' when editing my key, then is adding > all this to the gpg.conf file really necessary?
Yes. "setpref" is, IMO, a badly misnamed command. The preferences you attach to your certificate are more like a ranked set of capabilities: they are what you advertise to the world as what you're capable of accepting, and (to an extent) in which order you prefer them.[*] The default-*-pref in your gpg.conf file is how you tell GnuPG what algorithms you wish to use, and in which order. E.g., if you encrypt a message to someone, the setprefs on your certificate are never even looked at: after all, you're only using your *recipient's* certificate. But if you have a default-*-pref, then GnuPG will (almost) always read and respect that. [*] The OpenPGP spec does not require it be treated as a preference list, but only as a capability set. GnuPG does a modified Borda count, IIRC, to determine which algorithm to use -- basically, the union of sender and recipient capabilities is considered, and each of sender and recipient get to cast a "vote" on which algorithm is used. This is GnuPG-specific behavior: don't expect other OpenPGP implementations to do likewise. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
