| commit | 04e39f004930fe34b125b02ba68537d16ebd281e | |
| author | Tails developers <amnesia@boum.org> | |
| Fri, 4 Oct 2013 10:30:08 +0000 (4 10:30 +0000) | ||
| committer | Tails developers <amnesia@boum.org> | |
| Fri, 4 Oct 2013 10:30:08 +0000 (4 10:30 +0000) | ||
| tree | af37a0a1b94d7a3ec380d562e84d0e423ee28f99 | treesnapshot (tar.gz zip) |
| parent | f3629996261f39d759b1644db997e145b29019e1 | commitdiff |
Prefer stronger ciphers when encrypting data with GnuPG.
Quoting gpg(1):
This allows the user to safely override the algorithm chosen by the recipient
key preferences, as GPG will only select an algorithm that is usable by all
recipients. The most highly ranked cipher in this list is also used for
the --symmetric encryption command.
Use the same set of ciphers as we already use for newly created keys'
preferences (default-preference-list), that is AES256,AES192,AES,CAST5.
This should improve confidentiality in particular for symmetrically encrypted
data, that until now is encrypted with CAST5 only.
Quoting gpg(1):
This allows the user to safely override the algorithm chosen by the recipient
key preferences, as GPG will only select an algorithm that is usable by all
recipients. The most highly ranked cipher in this list is also used for
the --symmetric encryption command.
Use the same set of ciphers as we already use for newly created keys'
preferences (default-preference-list), that is AES256,AES192,AES,CAST5.
This should improve confidentiality in particular for symmetrically encrypted
data, that until now is encrypted with CAST5 only.
| config/chroot_local-includes/etc/skel/.gnupg/gpg.conf | diffblobblamehistory |