Working with a system-shared keyring

Werner Koch wk at gnupg.org
Tue Aug 9 11:38:27 CEST 2011


On Fri, 10 Jun 2011 20:43, dougb at dougbarton.us said:

>> But fixes a lot of problems.  The keyring is a database and if we
>> distribute this database to several files without a way to sync them;
>> this leads to problems.  You may have not been affected by such problems
>> but only due to the way you use gpg.
>
> Can you elaborate on those problems? I can think of several examples
> of databases whose contents are stored in multiple files without any
> difficulty, so I'm curious.

But in those cases the files are either under the control of the
database or partitioned using a well defined scheme.  With the --keyring
option this is different: You may add several keyrings to GnuPG and
remove them later.  There is no way GPG can tell whether there are
duplicates or which instances of a duplicated entry it needs to update.
Sure, we could make this working but I it will get really complex.  Thus
it is far easier to have one file or set of files which are under the
sole control of GPG.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list