gpg.conf recommendations (FAQ improvement) was: GnuPG 1.4.19 - Encryption Questions

Kristian Fiskerstrand kristian.fiskerstrand at sumptuouscapital.com
Wed Aug 17 16:29:33 CEST 2016


On 08/17/2016 04:24 PM, Bernhard Reiter wrote:
> Am Dienstag, 16. August 2016 16:57:07 schrieb Robert J. Hansen:
>>> Ah thanks, this was introduced with 2.1.13 and I tested the
>>> behaviour on an earlier 2.1 version where it make a difference.
>>> So it is a recommendation for GnuPG v <=2.0.
>>
>> Concur.  I'll make the change shortly.
> 
> Thanks. 
> To meanwhile spread the word, I have temporarily added  the following news to 
> the wiki.gnupg.org
> 
> == News
> * 2016-08-16: Somebody uploaded the [[https://evil32.org|evil32]] pubkeys to 
> keyservers. It is time to remind people to set 
> the default {{{keyid-format long}}} in their {{{gpg.conf}}} to use 64bit 

I'm not sure I like this, it avoids the actual issue of people using
non-verified keys (and verification would be using fingerprint to begin
with, although I might read it without the proper context in this email)
-- 
----------------------------
Kristian Fiskerstrand
Blog: https://blog.sumptuouscapital.com
Twitter: @krifisk
----------------------------
Public OpenPGP certificate at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
----------------------------
Aquila non capit muscas
The eagle does not hunt flies

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20160817/687066c4/attachment.sig>


More information about the Gnupg-users mailing list