How can we utilize latest GPG from RPM repository?
edgar at pettijohn-web.com
Sun Feb 18 03:36:52 CET 2018
On 02/17/18 17:06, helices wrote:
> I will probably never understand why wanting to run the most current
> version of gnupg on a plethora of servers is controversial.
> Nevertheless, the two (2) greatest reasons are:
> 1. PCI DSS v3.2
> 2. PCI DSS compliance audits
> Being able to demonstrate that we are using the latest, greatest
> encryption available on every one of our hosts, simplifies that
> portion of the audit equation more than you probably believe.
> Furthermore, following feature not availabe in 2.0.22 are more than
> * The file secring.gpg is not used to store the secret keys anymore.
> * All support for PGP-2 keys has been removed for security reasons.
> * The standard key generation interface is now much leaner.
> * Commands to create and sign keys from the command line without any
> extra prompts are now available.
> * There is no more need to manually start the gpg-agent.
> * A new format for locally storing the public keys is now used.
> * Revocation certificates are now created by default.
> * The format of the key listing has been changed to better identify
> the properties of a key.
> Apparently, there is no current solution to our problem similar to
> that we found for our rsyslog example. That is too bad. We will get
> over our disappointment.
> However, let it be said here and now, if the gnupg community wants the
> use of gnupg to spread far further than a clique of geeks, making its
> use easier for non-geeks is probably the simplest and most direct way.
> Yes, that is my opinion, humble or otherwise.
> Are there any other questions before I get a direct answer to my
> original subject question?
> Thank you.
> On Wed, Feb 14, 2018 at 2:20 PM, helices <gpg at mdsresource.net
> <mailto:gpg at mdsresource.net>> wrote:
> CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't have anything newer.
> We want to move to v2.2.x, and stay current, but we don't want to
> download source and compile for dozens of systems.
> We want all users to be using the same version all of the time.
> Please, advise. Thank you.
Pay someone to package it for you.
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Gnupg-users