ADK's (was: [Announce] GnuPG 2.4.1 released)

Andrew Gallagher andrewg at
Sun Apr 30 13:22:53 CEST 2023

On 30 Apr 2023, at 11:30, Johan Wevers via Gnupg-users <gnupg-users at> wrote:
> On 2023-04-30 1:15, ckeader via Gnupg-users wrote:
>> Can't call it that as long as it's under user control (every long option of the software has an equivalent config file option. You don't add such a key via config or command line, no adsk will happen as it's not configured).
> On my key, yes, I can choose to add an adk or not of course. But suppose
> I want to encrypt to a key that has an adk added, but I only want to
> encrypt to that key and not to the added adk? How do I do that?

Just curious, what’s the threat scenario here? If you suspect that your correspondent’s key preferences have been tampered with by a third party then surely the entire key is supect and shouldn’t be used at all? If on the other hand you believe that it has not been tampered with, but your correspondent has been negligent in configuring it, then maybe you shouldn’t trust your correspondent?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <>

More information about the Gnupg-users mailing list