swdb.lst, gnupg21 and gnupg-2.2.0

Werner Koch wk at gnupg.org
Wed Sep 6 09:27:37 CEST 2017

On Tue,  5 Sep 2017 10:38, aheinecke at intevation.de said:

> IMO we should declare the swdb.lst as an internal format and request users to 
> use gpgconf --query-swdb. With adding --homedir you can point it to an 

I see two problems with this approach:

  - Old versions of GnuPG may want to access the current swdb.  How, an
    internal format, implicates that we can update it at will.
    Obviously older version of GnuPG can't cope with that.

  - The build-aux/getswdb.sh is used by the speedo build system.  Thus
    dirmngr is not the only user of swdb,

In general I agree that using dirmngr/gpgconf to access it is a better
approach than to use one own's script.  However, It will take some years
until the new dirmngr will be in general use.  IIRC, Debian even removed
the automatic refresh and thus gpg-connect-agent needs to be used to
trigger a refresh.

> I think the following aliases would make sense to keep:
> gnupg_lts (for an lts branch, currently 2.2)
> gnupg (for the latest release, 2.3.0 in the future)
> gnupg1 (for gnupg 1.x)

We could implement this as aliases in gpgconf but I doubt that this is a
general solution: Switching to a newer major version (technical minor
version number, like 2.2. to 2.4) may require more than a simple
software update.

BTW, we already have two aliases implemented in gpgcponf:

  if (!strcmp (name, "gnupg"))
    search_name = GNUPG_SWDB_TAG;  /* current value is "gnupg22" */
  else if (!strcmp (name, "gnupg1"))
    search_name = "gnupg1";
    search_name = name;



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: </pipermail/attachments/20170906/a353b155/attachment.sig>

More information about the Gnupg-devel mailing list