> Some of the defaults you propose are already there.

Yes.  My list was comprehensive ("what the new set should be"), not
differential ("what needs changing").  :)

> So, AES256 is already the default symmetric cipher (CAST5 and IDEA
> are not even in the list and must both be explicitly requested by the
> user), and SHA256 is already the default hash algorithm.

Your key pref isn't what matters: it's your default-cipher-prefs.  :)

CAST5 may not be the default choice anymore, but it can still be
selected (I believe) if the recipient's key prefs list it.  I think this
shouldn't be supported; CAST5 should only be used if (a) it's in the
recipient's key prefs and (b) it's explicitly listed in
default-cipher-prefs.

> Do you mean signatures in general, or key signatures
> (certifications)?

The former, although I think setting cert-digest-algo SHA256 by default
may be worth discussing.

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to