New option --recipient-file

Ben McGinnes ben at
Tue Aug 2 05:10:41 CEST 2016

On Wed, Jul 06, 2016 at 04:01:56PM +0200, Werner Koch wrote:
> it is now possible to bypass the keyring and take the public key
> directly from a file.  That file may be a binary or an ascii armored
> key and only the first keyblock from that file is used.  A key
> specified with this option is always fully trusted.

Very nice, but does that mean it will also be able to handle
additional .kbx files in addition to the .gpg and .asc files?

If so, will it also work with a trustdb file and, if so, is it
possible to specify a different trustdb file location when doing so?

> To futher assist some use cases the option
>   --no-keyring
> has also been implemented.  This is similar to
>   --no-default-keyring --keyring /dev/null

A most useful feature too.  I found it to be of particular use when
the annual assertions[1] of compromised keys being propagated out in
the world filter through various mailing lists and IT rumour mongers.
It's the key component in preventing the reality (corrupted key data)
interfering with my real keyring(s).


1: We all know who I'm referring to, so I don't need to feed the flames
   of narcissism by naming him.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: not available
URL: </pipermail/attachments/20160802/3d1d4f1d/attachment.sig>

More information about the Gnupg-devel mailing list