You are missing another point, which is that -in addition to the gpg.conf client preferences- the keys you are encrypting to have preferences, too.
In fact, it is noted in the SE answer you linked: > Per default, GnuPG will read the recipient's algorithm preferences and > take the first algorithm in that list it supports (in other words, it > takes the most-preferred supported algorithm the recipient asks for). > https://security.stackexchange.com/questions/86305/what-is-the-default-cipher-algorithm-for-gnupg/86311#86311 The default of Cast5/AES-128 is for the case where you know nothing (in fact, the recipient might not even be able to decrypt it if you used an algorithm it doesn't support, so it can go to eg. 3DES. All keys you are using today should have been generated by non-ancient software and, as such, have this preference set, though) Kind regards _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
