[PATCH GnuPG] agent: Enable restricted, browser, and ssh socket by default.

Justus Winter justus at g10code.com
Tue Sep 20 16:19:13 CEST 2016

Werner Koch <wk at gnupg.org> writes:
> On Tue, 20 Sep 2016 10:12, justus at g10code.com said:
>> Please clarify.  Do you consider automatic changes of the configuration
>> okay or not?
> Yes.  On a desktop the main gnupg application may change gpg-agent so
> that it works bets for this use case.  That is what we have done all the
> time for example with keyservers.

Are you somehow saying that GnuPG can only be used by one application?
What is a (the? my? your?) main GnuPG application?

>> 'restricted' on the other hand hints at why you might want to use this
>> over the standard socket.  Maybe 'remote'...
> I recall that my first idea for the option name was --remote-socket.  I
> did not name it so because it is not a remote socket but a local socket
> which is forwarded to the remote site using a separate tool (ssh).
> "restricted" does not describe the feature, "additional" would be better
> but that is too long; thus I still like "extra".

The "extra" socket allows merely a subset of the operation that the
"normal" socket allows, hence the allowed operations are restricted to
that subset.  How is "additional" a better name then "restricted"?  It
does not indicate that the set of operations is restricted.
"additional" means nothing except that it is not the only socket.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 454 bytes
Desc: not available
URL: </pipermail/attachments/20160920/a2cc811d/attachment.sig>

More information about the Gnupg-devel mailing list