Package: gnupg2 Version: 2.0.23-1 Please add "parcimonie" to Suggests.
From Riseup Labs OpenPGP Best Practices:
Make sure you are receiving regular key updates.If you do not regularly refresh your public keys, you do not get timely expirations or revocations, both of which are very important to be aware of! If you do a simple ‘gpg —refresh-keys’, you disclose to anyone listening, and the keyserver operator, the whole set of keys that you are interested in refreshing. To avoid this, you can do regular key updates by using parcimonie to refresh your keyring. Parcimonie is a daemon that slowly refreshes your keyring from a keyserver over Tor. It uses a randomized sleep, and fresh tor circuits for each key. The purpose is to make it hard for an attacker to correlate the key updates with your keyring. Parcimonie is packaged in both debian and ubuntu.
https://we.riseup.net/riseuplabs+paow/openpgp-best-practicesSince parcimonie seems to be the only tool to do this that has a Debian package, this seems the perfect suggestion.
Thanks, and keep up the good work!
--
ilf
Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg!
-- Eine Initiative des Bundesamtes für Tastaturbenutzung
signature.asc
Description: Digital signature
