On Sun, Jul 3, 2011 at 4:45 PM, David Shaw <[email protected]> wrote: > There are some obscure edge cases where you must have a 3DES or AES encrypted > private key, but for the overwhelming majority of people, no, there is no > reason to do this. The default (CAST5) is quite strong (which the original > poster acknowledged). It's just helpful to know what the "knobs" are to > understand how something as complex as OpenPGP is put together.
Exactly, it's just good to know. I won't bother changing the cipher or count, but this leaves me with one final question: In a few years, assuming GPUs are faster than ever, Moore's law is still on track, and all that; should I change the number of iterations with --s2k-count? The default 65536 is probably fine for now, but it'll certainly end up being too slow. gpg won't do this for me, or counteract this in another way? Thanks Chris _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
