Ok so let me ask things in a different way Is the s2k-cipher-algo used in any other methods other than for protection of the keyring? Seems odd to me that CAST5 is the default -- however I'm sure this is specified according the one of the RFCs.
There is no current security implication for using the SHA1 hash for password hashing when using symmetric encryption? I'm only asking this in regards to selecting hash algorithms, because there seems to be a little hedging on the tried and true statement "Use the defaults" when it comes to the selection of hash algorithms. The intention of the last statement is not to rehash the old discussion of which hash algorithm to use -- really it is not!! _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users