GnuPG defaults: changing back to --no-auto-key-retrieve
Patrick Brunschwig
patrick at enigmail.net
Sat Aug 12 12:17:48 CEST 2017
On 12.08.17 01:53, Daniel Kahn Gillmor wrote:
> hey folks--
>
> Werner and i spoke yesterday about the choice of defaults for
> auto-key-retrieve and auto-key-locate, which were updated in 2.1.23.
>
> Summary
> -------
>
> GnuPG will revert the default of -retrieve for now so that the default
> is --no-auto-key-retrieve. The default for --auto-key-locate will
> remain as local,wkd.
>
> I pushed this change to upstream in commit
> https://dev.gnupg.org/rGe6f84116abca2ed49bf14b2e28c3c811a3717227, and it
> will be in the next released version. I also just pushed 2.1.23-1 to
> debian unstable, with a patch that includes this change.
>
> What follows is my own notes from the discussion, i hope Werner will
> chime in if his recollection is different.
Thanks Daniel! I fully agree with your remarks. I'd like to add that
immediately after I read the release announcement - because I had the
same concerns that you you raised here - I implemented functionality in
Enigmail to add --no-auto-key-retrieve to all commands if gpg 2.1.23 or
newer is detected (and the user did not explicitly opt in to
auto-key-retrieve).
-Patrick
More information about the Gnupg-devel
mailing list