Hello, These first two may be kinda a preferences thing, but I'm no expert in the field and I could not read the math even if I wanted to, so try to be easy on me.
Which algorithm is most secure/is there more non-college-math info on the web somewhere (no wikipedia please)? IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 What are the "?" mark values? "Pubkey: RSA, ELG, DSA, ?, ?" And similar to the above question, what is the hardest to break (I understand that there is no chance of a brute force attack, see the question below for a better idea of the attack I'm concerned about)(no wikipedia please)? How sensitive is an email to assumption based deciphering? For instance: Normal people start their emails with "Hello", "To whom it may concern", "Dear so-and-so" and people generally end their emails with "Thanks", "Sincerely, name", "Yours truly, name". Now, "name" and "so-and-so" can easily be determined by the public key of the person to whom you are sending data and your name can also be determined based on which email address you sent the message from so that gives crackers and the feds respectivly: Hello 5 To whom it may concern 23 Dear + name, 10+ Thanks 6 Sincerely, + name 16+ Yours truly, + name 20+ chars of preknown text (not to mention that most messages in english contain a large amount of "e"s,) to work with. So, how hard is it, knowing some of the message, to discover the whole thing and/or the private key of the user? Is it polite to post saying that you want to sign keys with somebody on a random mailing list? I can't decide, for though it is a recommended practice in the "keysigning howto" guide, I've never seen anybody do it and it is off topic on most lists. This, is of course, ignoring the fact that a "web of trust" can't be built unless people try to reach out to one another and sign there respective keys. The main reson I'm asking is, because I live out in a rural area and am unlikly to meet anybody who knows more about a computer then that you can't juice it, pick it, or mate it.... Is there a way to tell gpg2 to encrypt the body of a message with something other then AES? (I've read that it uses AES for the body and I've read that AES is a fast, but not very good method of encryption.) If my key expires, is using the same passpharse on another key a safe/ok thing to do? Is there a limit practical or imposed on the lenght of a passpharse? I'm thinking of a 740 char passphrase that, though containing sentences and, therefore, making sense, (though perhaps only to some sick people like me,) and also containing repetitions of words 4+ chars long, is really easy for me to remember. Do you think that it would be a good passphrase? Is exporting a public key a great way to announce that you can't wait to be spammed? (Your email is included in the output, as is your name.) If multiple people sign a cert and return it to me how do I merge all the signatures back into my key on my computer? _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users