On Jun 20, 2012, at 1:18 PM, Robert J. Hansen wrote:

> On 6/20/12 1:10 PM, John wrote:
>> When someone uses my public key to encrypt a message to me, what
>> prevents them from trying to use an encryption algorithm of his choice.
> 
> Nothing.  They can use --cipher-algo to force whatever symmetric algorithm 
> they wish.  This may wind up with a message that you're unable to read -- for 
> instance, if your recipient forces AES256 and you're using PGP 7.0, you'll be 
> unable to read it.  (This is why most of us advise against using 
> --cipher-algo.)
> 
> The certificate does list what algorithms you're capable of reading, and most 
> well-behaved OpenPGP applications will interpret that as ranked preferences 
> ("I most prefer this, then that, then the other").  However, this is purely 
> advisory and the sender can easily ignore it.

Note that just the ranking of preferences is advisory.  The use of algorithms 
that are on the list, however, is required by the spec:

    An implementation MUST NOT use a symmetric algorithm that is not in the
    recipient's preference list.

and later

   If an implementation can decrypt a message that a keyholder doesn't
   have in their preferences, the implementation SHOULD decrypt the
   message anyway, but MUST warn the keyholder that the protocol has
   been violated.

So if you ever get a warning message like:

  gpg: WARNING: cipher algorithm AES256 not found in recipient preferences

That means the sender violated the spec (perhaps most likely by having an old 
copy of your key with a pref that you removed at some point, but you never 
know).

David
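The two sides of that rule, as an added illustration that is not code from this thread or from GnuPG: a sender picks a symmetric algorithm that every recipient's preference list contains (with TripleDES tacitly at the end of every list, as RFC 4880 section 13.2 specifies), and a recipient checks the algorithm actually used against its own list and produces the protocol-violation warning quoted above if it is missing. The algorithm IDs are the RFC 4880 registry values; the per-recipient preference lists are constructed sample data, and the `forced` parameter (standing in for a --cipher-algo style override) is an assumption of this example: a strictly conforming sender refuses it when any recipient lacks the algorithm.

```python
"""Sender-side cipher selection and recipient-side preference check,
modelled on RFC 4880 section 13.2 (added example, not GnuPG's own code)."""

# Symmetric algorithm IDs from the RFC 4880 section 9.2 registry.
TRIPLEDES = 2
CAST5 = 3
AES128 = 7
AES192 = 8
AES256 = 9

NAMES = {TRIPLEDES: "3DES", CAST5: "CAST5", AES128: "AES",
         AES192: "AES192", AES256: "AES256"}


def effective_prefs(prefs):
    """Return the ranked list as the spec reads it: TripleDES is the
    MUST-implement algorithm, so if a key omits it, it is tacitly last."""
    prefs = list(prefs)
    if TRIPLEDES not in prefs:
        prefs.append(TRIPLEDES)
    return prefs


def choose_cipher(recipient_prefs, sender_ranking=None, forced=None):
    """Pick one symmetric algorithm acceptable to every recipient.

    recipient_prefs : list of ranked preference lists, one per recipient.
    sender_ranking  : ranking used to choose among the common candidates;
                      defaults to the first recipient's own ranking.
    forced          : hypothetical sender override; honoured only if every
                      recipient lists it, otherwise refused (MUST NOT use).
    """
    if not recipient_prefs:
        raise ValueError("need at least one recipient")
    lists = [effective_prefs(p) for p in recipient_prefs]
    common = set(lists[0])
    for p in lists[1:]:
        common &= set(p)          # only algorithms every recipient accepts
    if forced is not None:
        if forced in common:
            return forced
        raise ValueError(f"{NAMES.get(forced, forced)} is not in every "
                         "recipient's preference list")
    ranking = effective_prefs(
        sender_ranking if sender_ranking is not None else recipient_prefs[0])
    for alg in ranking:           # the ranking is advisory: first common wins
        if alg in common:
            return alg
    return TRIPLEDES              # never reached: 3DES is always common


def check_received(my_prefs, used):
    """Recipient side: decrypt anyway, but return the warning the spec
    requires if the sender used an algorithm outside my preference list.
    Returns None when the sender conformed."""
    if used in effective_prefs(my_prefs):
        return None
    return (f"gpg: WARNING: cipher algorithm {NAMES.get(used, used)} "
            "not found in recipient preferences")


if __name__ == "__main__":
    # Constructed sample keys: one modern key, one older key without AES256.
    modern_key = [AES256, AES192, AES128]
    old_key = [AES128, CAST5]
    print(NAMES[choose_cipher([modern_key, old_key])])          # AES
    print(check_received(old_key, AES256))                       # warning
    print(check_received(old_key, choose_cipher([modern_key, old_key])))
```

The selector never fails because TripleDES is in every effective list; the warning path is exactly the situation David describes, where a sender holding a stale copy of the key still used an algorithm the current key no longer advertises.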


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users