Better default configuration

Best to instate these settings before creating any potential new keys.

As described by Daniel Kahn Gilmor edit ~/.gnupg/gpg.conf to include:

#-----------------------------
# algorithm and ciphers
#-----------------------------
# list of personal cipher preferences. When multiple digests are supported by
# all recipients, choose the strongest one
personal-cipher-preferences AES256 AES192 AES CAST5

# list of personal digest preferences. When multiple ciphers are supported by
# all recipients, choose the strongest one
personal-digest-preferences SHA512 SHA384 SHA256 SHA224
# message digest algorithm used when signing a key
cert-digest-algo SHA512
# this preference list is used for new keys and becomes the default for
# "setpref" in the edit menu
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

other useful options from archlinux and riseup:

#-----------------------------
# behavior
#-----------------------------

# Display long key IDs
keyid-format 0xlong

# List all keys (or the specified ones) along with their fingerprints
with-fingerprint

# Display the calculated validity of user IDs during key listings
list-options show-uid-validity
verify-options show-uid-validity

# Try to use the GnuPG-Agent. With this option, GnuPG first tries to connect to
# the agent before it asks for a passphrase.
use-agent



#-----------------------------
# keyserver
#-----------------------------

# Do not refresh a key from its advertised keyserver name,
# incase the key owner designated an insecure method for pulling their key.
keyserver-options no-honor-keyserver-url