diff --git a/gnupg/gpg.conf b/gnupg/gpg.conf
index d63b6c7..0643183 100644
--- a/gnupg/gpg.conf
+++ b/gnupg/gpg.conf
@@ -1,28 +1,40 @@
-openpgp
-
+# no spam
 no-greeting
 
+# minimize information leakage
 no-comments
 no-emit-version
+export-options export-minimal
 
+# show as much key info as possible
 keyid-format 0xlong
 with-fingerprint
 
-no-escape-from-lines
-
-display-charset utf-8
-
-fixed-list-mode
-
+# show validity of the keys
 verify-options show-uid-validity
 list-options show-uid-validity
 
-no-mangle-dos-filenames
-
-keyserver-options no-honor-keyserver-url no-auto-key-retrieve
-
+# cipher settings
+personal-cipher-preferences AES256 AES192 AES
 personal-digest-preferences SHA512 SHA384 SHA256
+personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
+default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES ZLIB BZIP2 ZIP Uncompressed
+
 cert-digest-algo SHA512
-default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed
+
+# key derivation algo
+s2k-cipher-algo AES256
+s2k-digest-algo SHA512
+s2k-mode 3
+s2k-count 65011712
 
 use-agent
+display-charset utf-8
+fixed-list-mode
+no-mangle-dos-filenames
+require-cross-certification
+
+# do not cache keys for symmetric encryption
+no-symkey-cache
+
+keyserver-options no-honor-keyserver-url no-auto-key-retrieve