-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

With all due respect... NO.
It is not wise to impede on the power-users who use GPG due to the availability 
of the various configurations that brought us here in the first place.


On 9/30/19 9:43 AM, Roland Siemons wrote:[snip]
> 4/ Here is my proposal:
> 4.1/ Stimulate that people use a GUI like GPA or Kleopatra. Not Enigmail, 
> although it offers the same, but it offers too much for beginners. Email 
> integration comes after people have a basic understanding. Please do 
> appreciate if people only want to be able to prepare encrypted documents for 
> sending them as attachments.
This is not an issue with GnuPG. GnuPG is a back-end utility that front-end 
applications (like GUIs) interface to. Go to your vendor of choice that 
interfaces with GPG and complain to them about the complexity their interface. 
As far as GPG goes, it does exactly what it's supposed to. It's a command-line 
utility. Its raw interface is not supposed to be exposed to the kind of user 
you're expecting.

> 4.2/ Ensure that, when generating a keypair, GnuPG creates one directory 
> "Secretkeys", and one directory "Publickeys". Make GnuPG to store the public 
> part and the secret part separately in those directories. If GnuPG needs also 
> keypairs in a single file, store that under Secretkeys.Keys are stored in a 
> keyring database. You're not supposed to export them by copying files over in 
> this way. You use the command-line utility to import or export your public 
> keys.
For instance, the following command exports all of your signed public keys in 
PGP format:
gpg -a --export
...or you can export a specific key by suffixing that last command with the key 
(or name or email some other identifier) that you want to export. Exporting 
private keys is done the same way. Exporting the trust database can be done 
this way as well, albeit with different options.
> 4.5/ Get rid of the options to NOT publish keys on keyservers. Just work the 
> opt-in alternative: If you want to publish to keyservers, make that a 
> separate action that requires some effort.AFAIK, distributing keys to 
> keyservers already takes a separate action. Unless there's some other command 
> I'm not aware about, the only way I see to distribute keys to some keyserver 
> is with the following command:
gpg --send-keys $KEY_IDENTIFIER
-----BEGIN PGP SIGNATURE-----

iLcEARMKAB0WIQQWZv6JZKxO310TWtXo8fj9gx4T0wUCXZPnWAAKCRDo8fj9gx4T
0/YtAgEBKgPN/9Ua2odPSPn2K7g1Qnc2XovMnDWE30reqNT4/cYCQmnVuwjMspqs
w5dA7SSIj/fSm9NJptn5dS7y70NoIgIEDJ2+QDNj/4PpUSkkIr3zHpI+y4yIanLP
UxWL8YI5mHUAfGAZ05O8HwwDUm+Z+q4joxVjBjP8pNASTklHrf4U32A=
=Oi8M
-----END PGP SIGNATURE-----

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to