> Yes, they would. I stepped away from my role as FAQ maintainer a few > years ago in protest of some very unwise decisions by the FSF. It's been > unmaintained since. I'm working on a totally rewritten FAQ, but it will > be entirely my own work and not FSF/FSFE supported. Unfortunately, > progress on this has gone quite slowly due to a health crisis (which is > slowly improving, thank you to everyone who's thought of me). > I'm very sympathetic to your political issues, of which I have similar stories from other projects. I recently saw a video of Torvalds explaining why he has nothing to do with the FSF. Something about them being well-intentioned but extremist fanatics.
I'm happy that you are on the mend (although this is our only introduction, but still, basic human decency). I lack technical competence, but if I can help at all, feel free to reach out. > That was in fact the *most* frequently asked. > I stand corrected. > 3DES is still considered secure for files under about 8 MiB in size... > For what it's worth, I select my encryption algorithms based on two criteria: 1. If I'm encrypting for someone else's service (typically, SSH), what cyphers do they support? 2. If I'm encrypting for myself, what's the most advanced and future-proofed cypher I can use that my hardware supports? Although your comprehensive discussions on cyphers is certainly interesting, if you want to streamline your workflow, perhaps consider linking to other discussions (like Wikipedia) for technical and historical information. Otherwise, recommending a couple really good cyphers may make the FAQ more digestible for newcomers. Just occurred to me: you may want to consider adding an FAQ about which cyphers are quantum vulnerable, since newcomers will probably want advice on that. > Right there you go, Camellia in three keylengths on Fedora Workstation 42. It > is almost certainly supported by your GnuPG installation. > My comments were unclear. I agree that gpg (which I confirm on my Debian box) supports Camellia. My point was that it doesn't seem easy to access. Specifically, when I run `gpg --full-generate-key --expert`, I get these options: ``` (1) RSA and RSA (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) (7) DSA (set your own capabilities) (8) RSA (set your own capabilities) (9) ECC (sign and encrypt) *default* (10) ECC (sign only) (11) ECC (set your own capabilities) (13) Existing key (14) Existing key from card ``` ... none of which appear to lead me to a Camellia key. Having said that, being a symmetric cypher, maybe it's only supported for directly encrypting documents and not generating keys. I was trying to say that the attention it gets seems excessive to the ease of generating it. I would think that RSA, DSA & ECC cyphers would be far more relevant and should be the focus of that discussion. I used it as an example, and there are other cyphers that are completely unfamiliar to me. Then again, I respect that you could have been bombarded with so many questions about Camellia and the other cyphers that you added it to your FAQ. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
