diff options
-rw-r--r-- | .caff/gnupghome/dirmngr.conf | 2 | ||||
-rw-r--r-- | .caff/gnupghome/gpg.conf | 6 | ||||
-rw-r--r-- | .gnupg/gpg.conf | 20 |
3 files changed, 7 insertions, 21 deletions
diff --git a/.caff/gnupghome/dirmngr.conf b/.caff/gnupghome/dirmngr.conf index 4cc4bb6a..14114144 100644 --- a/.caff/gnupghome/dirmngr.conf +++ b/.caff/gnupghome/dirmngr.conf @@ -1 +1 @@ -hkp-cacert /home/spwhitton/lib/sks-keyservers.netCA.pem +keyserver hkps://keys.openpgp.org diff --git a/.caff/gnupghome/gpg.conf b/.caff/gnupghome/gpg.conf index 58b4159d..38eed45b 100644 --- a/.caff/gnupghome/gpg.conf +++ b/.caff/gnupghome/gpg.conf @@ -1,6 +1,4 @@ -keyserver hkps://hkps.pool.sks-keyservers.net -keyserver-options no-honor-keyserver-url +personal-cipher-preferences AES256 AES192 AES CAST5 -personal-digest-preferences SHA512 cert-digest-algo SHA512 -default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed +personal-digest-preferences SHA512 SHA384 SHA256 SHA224 diff --git a/.gnupg/gpg.conf b/.gnupg/gpg.conf index 6352d548..89d75235 100644 --- a/.gnupg/gpg.conf +++ b/.gnupg/gpg.conf @@ -1,12 +1,6 @@ -no-greeting default-key 8DC2487E51ABDD90B5C4753F0F56D0553B6D411B default-recipient-self -#encrypt-to some-key-id -keyserver-options no-honor-keyserver-url -#keyserver-options no-try-dns-srv keyserver-options include-revoked -# not needed with gpg 2.1 and can break duplicity -#use-agent verify-options show-primary-uid-only keyid-format 0xlong with-fingerprint @@ -14,14 +8,8 @@ list-options show-uid-validity verify-options show-uid-validity personal-cipher-preferences AES256 AES192 AES CAST5 -personal-digest-preferences SHA512 SHA384 SHA256 SHA224 -cert-digest-algo SHA512 -default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed -# see "Configure mutt to use Debian keyrings for verification" in -# SmallTasks.org for why these are commented out atm -#keyring /usr/share/keyrings/debian-archive-keyring.gpg -#keyring /usr/share/keyrings/debian-keyring.gpg -#keyring /usr/share/keyrings/debian-maintainers.gpg -#keyring /usr/share/keyrings/debian-nonupload.gpg -#keyring /usr/share/keyrings/debian-role-keys.gpg +# default-preference-list now has SHA512 first upstream. +# These two are the defaults on Debian, but only thanks to a Debian patch. +cert-digest-algo SHA512 +personal-digest-preferences SHA512 SHA384 SHA256 SHA224 |