Re: [Tails-dev] Please review'n'merge feature/stronger-gnupg…

Delete this message

Reply to this message
Author: sajolida
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Please review'n'merge feature/stronger-gnupg-cipher
On 04/10/13 20:25, intrigeri wrote:
> candidate for 0.21, no ticket, merged into experimental, only one
> commit:
>
> commit 04e39f004930fe34b125b02ba68537d16ebd281e
> Author: Tails developers <amnesia@???>
> Date: Fri Oct 4 10:30:08 2013 +0000
>
>     Prefer stronger ciphers when encrypting data with GnuPG.

>
>     Quoting gpg(1):

>
>       This allows the user to safely override the algorithm chosen by the recipient
>       key preferences, as GPG will only select an algorithm that is usable by all
>       recipients. The most highly ranked cipher in this list is also used for
>       the --symmetric encryption command.

>
>     Use the same set of ciphers as we already use for newly created keys'
>     preferences (default-preference-list), that is AES256,AES192,AES,CAST5.

>
>     This should improve confidentiality in particular for symmetrically encrypted
>     data, that until now is encrypted with CAST5 only.

>
> Cheers,


I built an ISO for that branch and tested it. Symmetric encryption works
fine and uses AES256. Merged into devel then.