<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p><br>
</p>
<br>
<div class="moz-cite-prefix">On 02/17/18 17:06, helices wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CACNUArDKDhyxFHhA3bq2B+o1p8Yzbo9Xst=60-N6WHpi8wK86Q@mail.gmail.com">
<div dir="ltr">
<div>I will probably never understand why wanting to run the
most current version of gnupg on a plethora of servers is
controversial.</div>
<div><br>
</div>
<div>Nevertheless, the two (2) greatest reasons are:</div>
<div>
<ol>
<li>PCI DSS v3.2<br>
</li>
<li>PCI DSS compliance audits<br>
</li>
</ol>
</div>
<div>Being able to demonstrate that we are using the latest,
greatest encryption available on every one of our hosts,
simplifies that portion of the audit equation more than you
probably believe.<br>
</div>
<div><br>
</div>
<div>Furthermore, following feature not availabe in 2.0.22 are
more than nice-to-haves:</div>
<div>
<ul>
<li>The file secring.gpg is not used to store the secret
keys anymore.<br>
</li>
<li>All support for PGP-2 keys has been removed for security
reasons.<br>
</li>
<li>The standard key generation interface is now much
leaner.<br>
</li>
<li>Commands to create and sign keys from the command line
without any extra prompts are now available.<br>
</li>
<li>There is no more need to manually start the gpg-agent.<br>
</li>
<li>A new format for locally storing the public keys is now
used.<br>
</li>
<li>Revocation certificates are now created by default.<br>
</li>
<li>The format of the key listing has been changed to better
identify the properties of a key.<br>
</li>
</ul>
</div>
<div><br>
</div>
<div>Apparently, there is no current solution to our problem
similar to that we found for our rsyslog example. That is too
bad. We will get over our disappointment.</div>
<div><br>
</div>
<div>However, let it be said here and now, if the gnupg
community wants the use of gnupg to spread far further than a
clique of geeks, making its use easier for non-geeks is
probably the simplest and most direct way.</div>
<div><br>
</div>
<div>Yes, that is my opinion, humble or otherwise.</div>
<div><br>
</div>
<div>YMMV</div>
<div><br>
</div>
<div>Are there any other questions before I get a direct answer
to my original subject question?</div>
<div><br>
</div>
<div>Thank you.</div>
<div><br>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Feb 14, 2018 at 2:20 PM,
helices <span dir="ltr"><<a
href="mailto:gpg@mdsresource.net" target="_blank"
moz-do-not-send="true">gpg@mdsresource.net</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div dir="ltr">CentOS 7 uses gnupg2 v2.0.22. EPEL doesn't
have anything newer.<br>
<br>
We want to move to v2.2.x, and stay current, but we
don't want to download source and compile for dozens of
systems.<br>
<br>
We want all users to be using the same version all of
the time.<br>
<br>
Please, advise. Thank you.<br>
<br>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
Pay someone to package it for you.<br>
<blockquote type="cite"
cite="mid:CACNUArDKDhyxFHhA3bq2B+o1p8Yzbo9Xst=60-N6WHpi8wK86Q@mail.gmail.com"><br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Gnupg-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Gnupg-users@gnupg.org">Gnupg-users@gnupg.org</a>
<a class="moz-txt-link-freetext" href="http://lists.gnupg.org/mailman/listinfo/gnupg-users">http://lists.gnupg.org/mailman/listinfo/gnupg-users</a>
</pre>
</blockquote>
<br>
</body>
</html>