> GnuPG in particular works like this:
>
> 1) Take the intersection of all recipients' preference lists. This
>    rules out any algorithms that would be unusable by someone.
> 2) Elect a "decider". The decider is the one person whose ordered
>    list we will honor the rankings for. If the user has specified a
>    personal-*-prefs list, then the user is the decider. If the user has
>    not specified a list, then the last recipient key is used.
> 3) Walk the decider preference list from highest ranked to lowest
>    ranked - as soon as we hit an algorithm that is part of the
>    intersection from step #1, stop.
>
> For example:
>   Alice has AES CAST5 TWOFISH
>   Baker has CAST5 AES BLOWFISH
>   Charlie has BLOWFISH AES CAST5
>   Donald has CAMELLIA TWOFISH BLOWFISH
>
> Assuming that there is no personal-*-prefs list set, here's how it
> falls out:
>
>   Alice Baker Charlie == AES
>   Baker Alice Charlie == AES
>   Charlie Alice Baker == CAST5
>   Charlie Alice Baker Donald = 3DES

That's a great explanation. Perhaps this should be included in the documentation.

Lastly, however, this is assuming the sender is not using the cipher-algo digest-algo options. From my reading of the documentation, this will force the use of a particular cipher as dictated by the sender, even if the algorithm is not contained in the list of the public keys. I know these two options are not recommended for use; however, since they are included as possible options, I think that they should at least be covered by a "what if" scenario.

--
Kevin Hilton

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
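
The three quoted steps and the forced-cipher "what if" from the reply, as an added Python sketch (not GnuPG's code and not part of either message). It assumes 3DES is tacitly last in every preference list, as OpenPGP specifies, which is what yields the 3DES row; the names `select_cipher` and `violates_prefs`, and the fallback when a personal list has nothing usable, are hypothetical choices of this sketch.

```python
# Added illustration: a model of the selection steps quoted above, not GnuPG source.
IMPLICIT = "3DES"  # OpenPGP: 3DES is tacitly at the end of every cipher preference list

# Preference lists copied from the example in the quoted message.
ALICE = ("Alice", ["AES", "CAST5", "TWOFISH"])
BAKER = ("Baker", ["CAST5", "AES", "BLOWFISH"])
CHARLIE = ("Charlie", ["BLOWFISH", "AES", "CAST5"])
DONALD = ("Donald", ["CAMELLIA", "TWOFISH", "BLOWFISH"])


def with_implicit(prefs):
    """Return prefs with 3DES appended when the key does not list it explicitly."""
    return list(prefs) if IMPLICIT in prefs else list(prefs) + [IMPLICIT]


def select_cipher(recipients, personal_prefs=None):
    """recipients: ordered (name, prefs) pairs; the last pair is the last recipient key."""
    lists = [with_implicit(prefs) for _, prefs in recipients]
    # Step 1: intersection of all recipients' lists.
    usable = set(lists[0]).intersection(*lists[1:])
    # Step 2: the decider is the sender's personal list if set, else the last recipient.
    decider = list(personal_prefs) if personal_prefs else lists[-1]
    # Step 3: walk the decider's list in rank order, stop at the first usable entry.
    for algo in decider:
        if algo in usable:
            return algo
    # Assumption of this sketch: a personal list with nothing usable falls back to 3DES,
    # which is always in the intersection.
    return IMPLICIT


def violates_prefs(forced, recipients):
    """True if a sender-forced cipher is absent from at least one recipient's list.

    Models the reply's scenario: a forced algorithm bypasses steps 1-3, so the
    only thing left to check is whether every recipient advertised support for it.
    """
    return any(forced not in with_implicit(prefs) for _, prefs in recipients)


if __name__ == "__main__":
    for order in ([ALICE, BAKER, CHARLIE], [CHARLIE, ALICE, BAKER],
                  [CHARLIE, ALICE, BAKER, DONALD]):
        print(" ".join(name for name, _ in order), "=>", select_cipher(order))
    print("forced CAMELLIA violates prefs:", violates_prefs("CAMELLIA", [ALICE, DONALD]))
```

Recipient order matters only through the last key: swapping Charlie and Baker in the final position changes the result from AES to CAST5 even though the intersection is identical.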