GnuPG

Date:2014-10-28

Sane default settings

As per https://wiki.mozilla.org/Security/Key_Management#GnuPG_settings

Add in $HOME/.gnupg/gpg.conf:

keyserver x-hkp://gpg.mozilla.org
utf8-strings
use-agent
personal-digest-preferences SHA256
cert-digest-algo SHA256
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

It ensures:

  • You are using a more privacy-aware keyserver (https, only the keyserver knows which keys you are retrieving).
  • Starts the agent (you probably had that).
  • Uses UTF-8 for display convenience.
  • Decent crypto settings as of this wonderful year of 2014.