3 ;;; Default configuration for GnuPG keys
5 ;;; (c) 2012 Mark Wooding
8 ;;;----- Licensing notice ---------------------------------------------------
10 ;;; This file is part of the distorted.org.uk key management suite.
12 ;;; distorted-keys is free software; you can redistribute it and/or modify
13 ;;; it under the terms of the GNU General Public License as published by
14 ;;; the Free Software Foundation; either version 2 of the License, or
15 ;;; (at your option) any later version.
17 ;;; distorted-keys is distributed in the hope that it will be useful,
18 ;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
19 ;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 ;;; GNU General Public License for more details.
22 ;;; You should have received a copy of the GNU General Public License
23 ;;; along with distorted-keys; if not, write to the Free Software Foundation,
24 ;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26 ;;;--------------------------------------------------------------------------
27 ;;; GnuPG configuration.
29 ;;; Properties defined by the key-type are as follows. All of them are
32 ;;; main-type Type of the main key. This must be an asymmetric
33 ;;; integrity key type, e.g., `RSA', `DSA'. The default
36 ;;; main-length The size of the main key, in bits. For DSA, this is
37 ;;; the larger field size. The default is 3072; you
38 ;;; should set it explicitly if you override the main
41 ;;; sub-type Type of the encryption subkey. This must be an
42 ;;; asymmetric secrecy key type, e.g., `RSA', `ELG-E'.
43 ;;; The default is `ELG-E'.
45 ;;; sub-length The size of the subkey, as for `main-length'. The
48 ;;; cipher-prefs A space-separated list of symmetric encryption
49 ;;; algorithms, in order of decreasing preference. The
50 ;;; default list is `AES256 AES TWOFISH 3DES BLOWFISH
51 ;;; CAST5', but this may well change later.
53 ;;; digest-prefs A space-separated list of message-digest (hash)
54 ;;; algorithms, in order of decreasing preference. The
55 ;;; default list is `SHA256 SHA1 RIPEMD160', but this may
56 ;;; well change later.
58 ;;; compress-prefs A space-separated list of compression algorithms, in
59 ;;; order of decreasing preference. The default list is
62 ;;; s2k-cipher The symmetric encryption scheme to use for encrypting
63 ;;; private keys. The default is the first algorithm
64 ;;; listed in `cipher-prefs'.
66 ;;; s2k-digest The message-digest (hash) algorithm to use for
67 ;;; deriving symmetric keys from passphrases. The
68 ;;; default is the first algorithm listed in
71 ;;; realname These are used to construct the GnuPG key name as
72 ;;; comment `$realname ($comment) <$email>'. If `comment' is
73 ;;; email missing or `nil' then the comment field and its
74 ;;; surrounding parentheses are omitted. A %{PARAM}
75 ;;; placeholder in these properties is replaced by the
76 ;;; values of the named key-generation parameter PARAM,
77 ;;; and an error is reported if no such parameter is
78 ;;; provided; a %{PARAM-DEFAULT} placeholder is replaced
79 ;;; by the value of the parameter PARAM, or the string
80 ;;; DEFAULT if no such parameter is provided.
85 ;; Main (integrity) key.
89 ;; Subsidiary (secrecy) key.
93 ;; Preferences for algorithms and compression.
94 cipher-prefs = AES256 AES TWOFISH 3DES BLOWFISH CAST5
95 digest-prefs = SHA256 SHA1 RIPEMD160
96 compress-prefs = ZLIB ZIP
98 ;; Identification (delegate to options).
99 realname = %{realname}
100 comment = %{comment-nil}
104 @include = %gnupg %asymmetric-integrity
107 @include = %gnupg %asymmetric-secrecy
111 realname = $@name $%description
112 email = $%email-prefix$%tag@$%domain
114 ;;;----- That's all, folks --------------------------------------------------
~mdw / distorted-keys / blob